Fortinet March Threatscape report shows domination of ransomware and troublesome zero-day
- United Arab Emirates: Thursday, April 01 - 2010 at 12:35
- PRESS RELEASE
Fortinet, a leading network security provider and worldwide leader of unified threat management (UTM) solutions, today announced its March 2010 Threatscape report showed domination of ransomware threats with nine of the detections in the malware top ten list resulting in either scareware or ransomware infesting the victim's PC.
Key threat activities for the month of March include:
• SMS-based Ransomware High Activity: A new ransomware threat - W32/DigiPog.EP - appeared in Fortinet's top ten malware list. DigiPog is an SMS blocker using Russian language, locking out a system and aggressively killing off popular applications like Internet Explorer and FireFox until an appropriate code is entered into a field provided to the user. To obtain the code, a user must send a SMS message to the provided number, receiving a code in return. Upon execution, DigiPog registers the user's MAC address with its server. It is the first time that SMS-based ransomware enters Fortinet's top ten list, showing that the rise of ransomware is well on its way.
• Botnets - the competition gets tough: While the infamous Bredolab and Pushdo botnets can be identified behind the strong ransomware activity this month, a challenger has been particularly active this month. Sasfis, another botnet loader, moved up eight positions in our Top 100 attack list from last month, landing just behind Gumblar & Conficker network activity in the fifth position. Sasfis is just the latest example of simplified botnets, which are used heavily for malicious business services (crime as a service).
• Zero-day attack forces in: A new zero-day threat aggressively entered FortiGuard's top ten attack list: MS.IE.Userdata.Behavior.Code.Execution (CVE-2010-0806, FortiGuard Advisory 2010-14). This exploit triggers a vulnerability in Internet Explorer, making remote code execution through a drive-by download (no user interaction required) possible. Accounting for one fourth of the detected activity in March, this exploit was ranked number two in our top ten attacks last month and remains very active, predominantly in Japan, Korea and the U.S.
"As we predicted for 2010, cybercriminals are clearly pursuing new ways to lure consumers and threaten the enterprise at large. Troublesome zero-day exploits continue to attack popular client-side software, while methods such as ransomware and crime as a service help them increase their reach and make their attacks more effective against end users," said Derek Manky, Project Manager, Cyber Security and Threat Research, Fortinet.
"With cybercrime techniques getting more sophisticated every day, it is critical to educate users on the importance of having the right security software and patches in place. Robust security services and safe practice can help protect consumers and organizations against known vulnerabilities, but also unknown ones such as zero-day threats," he added.
FortiGuard Labs compiled threat statistics and trends for March based on data collected from FortiGate network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.
FortiGuard Subscription Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help enable protection against threats on both application and network layers. FortiGuard Services are updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. For customers with a subscription to FortiGuard, these updates are delivered to all FortiGate, FortiMail and FortiClient products.
Articles in this section are primarily provided directly by the companies appearing or PR agencies which are solely responsible for the content. The companies concerned may use the above content on their respective web sites provided they link back to http://www.ameinfo.com
Any opinions, advice, statements, offers or other information expressed in this section of the AMEinfo.com Web site are those of the authors and do not necessarily reflect the views of AME Info FZ LLC / 4C. AME Info FZ LLC / 4C is not responsible or liable for the content, accuracy or reliability of any material, advice, opinion or statement in this section of the AMEinfo.com Web site.