Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Fortinet: Strength in Numbers Defined Fortinet’s Most Reported Threats for February 2008

March 2008 by Fortinet

Fortinet announced the top 10 most reported high-risk threats for February 2008. The most definable malware trend for the month was that birds of a feather do flock together and used their collective strength to overtake the Top Ten list, both individually and as a family. The mass-mailer families of MyTob and MyDoom showed strong activity in February and represent a significant portion of this month’s malware attacks. As an individual contributor, Trojan Pushdo!tr’s pornography-laced zip-file attachments pulled out an aggressive two-day attack, allowing the Pushdo variant to make its debut onto the Top Ten. This report was compiled by Fortinet’s FortiGuard Global Security Research Team, using intelligence gathered from FortiGate™ multi-threat security systems in production worldwide.

“We saw threats on two fronts in February – consistent attacks by malware families that did not let up, punctuated by a periodic rapid-fire approach by individual variants. Mutations of accessible malware code have allowed families, such as MyTob, to thrive and form a visible presence in today’s threatscape,” said Derek Manky, security research engineer for Fortinet.

February primarily showed a shuffling of positions in the most often seen threats while also introducing two malware families to the Top Ten, with MyTob family activity second only to Netsky. For the month of February, rankings for both individual and family threats caught by Fortinet’s FortiGate security appliances are provided:

Rank Malware Family Threat Type Percentage

1 Netsky Mass mailer 18.6
2 MyTob Mass mailer 12.2
3 HTML/Iframe_CID!exploit Exploit 8.0
4 Pushdo Trojan 5.0
5 Storm Trojan 4.9
6 MyDoom Mass mailer 4.7
7 Bagle Mass mailer 3.9
8 Agent Adware 3.8
9 Grew Worm 3.4
10 W32/Istbar.PK!tr.dldr Trojan 2.1

Following is the Top Ten list of individual threats for February. Top 100 shifts indicate positional changes compared to January’s Top 100 ranking, with “new” representing the malware’s debut in the Top 100. Most notable individual threat movements include Pushdo!tr’s sixth-place claim with a three-day push at the end of January, followed by a two-day spike mid-February. In addition, Adware/Agent climbed the ranks from January’s eighth-place finish to fourth place in February.

Rank Threat Name Threat Type % of Detections Top 100 Shift

1 W32/Netsky!similar Mass mailer 12.0 -
2 HTML/Iframe_CID!exploit Exploit 8.0 -
3 W32/Small.FQS!tr.dldr Trojan 4.5 -
4 Adware/Agent Adware 3.8 +4
5 W32/Grew.A!worm Worm 3.0 +8
6 W32/Pushdo!tr Trojan 3.3 new
7 W32/MyDoom.N@mm Exploit 2.6 new
8 W32/Bagle.DY@mm Mass mailer 2.3 +1
9 W32/MyTob.fam@mm Mass mailer 2.2 +10
10 W32/MyTob.FR@mm Mass mailer 2.1 -5

See previous articles


See next articles