Web-based attacks skyrocket, pirating sites surge, security firms say

By Robert Westervelt, News Editor 02 Nov 2009 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Web-based attacks are continuing to become a popular method for spreading malware, creating zombie computers and harvesting account credentials, according to two new security reports. The spam that lures victims to malicious websites is also increasing, helping fuel the trend.

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Attackers are setting up more than 3,000 new malicious websites every day, according to Symantec Corp.'s MessageLabs October 2009 Intelligence Report. The sites, which spread malware and scareware antivirus programs, increased more than 32% over September.

The MessageLabs report found that new malware is accounting for 37.6% of all Web-based malware intercepted by the security vendor in October, an increase of 4.1% since September.

Meanwhile, McAfee Inc., which released its quarterly analysis, detected a new wave of file-sharing sites fueling an increase in Web-based attacks. The sites may be a result of the clampdown on The Pirate Bay torrent site following the prosecution of its founders in Sweden, according to McAfee. While the sites appear to contain pirated material, McAfee researchers said many of the files contain malware and malicious software downloaders.

Microsoft report details increase in computer worms: Computer worm infections up, scareware antivirus down, Microsoft says: Microsoft's biannual report finds rogue antivirus infections and Trojan and downloader attacks down in the first six months of 2009.

In addition the McAfee report found spam and malware levels at an all-time high. McAfee said spam in the third quarter reached its highest level in history, breaking the previous record set in the second quarter of 2009 by 10%. It now comprises 92% of all email.

Spammers employed successful social engineering tricks in the third quarter, using the names of prominent government agencies to lure users to click on a malicious link leading to attack websites. Spam messages using the Internal Revenue Service (IRS) warning of a misreported income tax filing and more recently the Federal Deposit Insurance Corporation (FDIC) warning people that their bank is on a list of failed banks, are tricking users into visiting attack sites, McAfee said.

Much of the spam can be attributed to the Cutwail botnet, which has rebounded since its command-and-control servers were disrupted by the Federal Trade Commission's shutdown of rogue ISP 3FN.net.

The Koobface worm continued to spread in the third quarter, tricking victims into downloading malware and spyware to their PCs via social networking sites like Facebook, MySpace and Twitter. Koobface spreads using victim friend lists, making it behave as a worm, McAfee said. Although the number of Koobface attacks was down slightly from the previous quarter, McAfee warned users of social networks to remain vigilant.

In addition, McAfee found the rogue antivirus business continuing to grow quarter after quarter. The scareware antivirus programs are spreading via poisoned search engine results.

"Given the black-hat search-engine optimization (SEO) tactics that infect those searching for the latest malware data as well as the rapid rise in the rogue anti-virus business, one wonders how much fear permeates the security community," McAfee said. "In addition, plain old malicious websites continue to thrive. Even with the cooperation of the Internet community to combat them, there are many opportunities for malware authors to exploit."

Tags: Web Application and Web 2.0 Threats,  Email and Messaging Threats (spam, phishing, instant messaging),  Malware, Viruses, Trojans and Spyware,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Web Application and Web 2.0 Threats Web security firm ranks Firefox, Safari browsers as flaw prone Web application vulnerability assessment shows patching progress Layoffs prompt insider threat fears, cybersecurity survey finds Botnet masters turn to Google, social networks to avoid detection Computer worm infections up, scareware antivirus down, Microsoft says Kaspersky system analyzes malicious URLs on Twitter for malware Pushdo botnet uses Facebook to spread malicious email attachment Do Facebook URL security concerns justify blocking social networks? Gumblar Trojan drive-by exploits spike following Adobe update Some Facebook applications lead to Russian attack sites Email and Messaging Threats (spam, phishing, instant messaging) Messaging security risks have upper hand on solutions Pushdo botnet uses Facebook to spread malicious email attachment Scareware report highlights successful business model How to prevent phishing attacks with social engineering tests Phishing protection begins with training, antiphishing evangelist Phishing attacks to remain a major problem, say security experts Barracuda acquires Purewire expanding Web security reach FBI raids phishing crime ring, nearly 100 arrested Massive phishing scheme affects Microsoft Hotmail accounts Phishing websites, rogue antivirus skyrocket in 2009 Email and Messaging Threats (spam, phishing, instant messaging) Research Malware, Viruses, Trojans and Spyware Increase in Gumblar backdoors poses FTP credential problems Hackers to sharpen malware, malicious software in 2010 iPhone worm Rickrolls jailbroken phones Israeli Mossad add Trojan Horse to Syrian laptop Schneier-Ranum Face-Off: Is antivirus dead? Modern malware, stealthy botnets, adapt quickly, expert says Computer worm infections up, scareware antivirus down, Microsoft says Mini guide: How to remove and prevent Trojans, malware and spyware Kaspersky system analyzes malicious URLs on Twitter for malware Silon malware intercepts Internet Explorer sessions, steals credentials

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary content filtering  (SearchSecurity.com) Web filter  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary