SlideShare uma empresa Scribd logo

Commtouch october 2012 internet threats trend report

Transferir como PPTX, PDF
Cyren, Inc
Cyren, Inc
Tecnologia
1 de 25
Internet Threats Trend Report October 2012
October 2012 Threat Report The following is a condensed version of the October 2012 Commtouch Internet Threats Trend Report You can download the complete report at http://www.commtouch.com/threat-report-oct-2012 Copyright© 2012 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
Key Security Highlights
Malware Trends
Android Malware • Android malware continues to grow – both in volume and in the number of variants • One attack made use of compromised email accounts to send simple one-link emails (in the past these were usually links to spam) • In this case the malware URLs only worked for Android devices
Android Malware • The downloaded file “update.apk” (.apk is a packaged Android app) requires the user to activate the installation • Malware could work as a proxy to steal data from devices on corporate VPNs • Alternatively, the network access would allow communication with botnet command and control servers
Groupon Malware Deals Android Malware • Authentic Groupon formatting • Malware attachment extracts to “Coupon gift.exe” • Commtouch’s Antivirus identifies the malware as W32/Trojan3.DWY • Only 30% of the 41 engines on VirusTotal detected the malware within a few hours of the attack
Attached-malware levels
Top 10 Malware of Q3 2012 Rank Malware name Rank Malware name 1 SWF-malform-1 6 CVE-2010-3333 2 W32/Ramnit.Q 7 W32/MyWeb.D@adw 3 W32/Conficker!Generic 8 W32/Injector.A.gen!Eldorado 4 W32/Mabezat.A-2 9 W32/Mabezat.A-1 5 W32/Agent.PJ.gen!Eldorado 10 W32/Tenga.3666
Spam Trends
Grum Botnet Takedown • Reported near end-July • The takedown was the effort of FireEye assisted by Spamhaus, and other industry experts and network operators • Immediate effect was the lowest spam per single day in the last 3 years (near 51 billion messages) • However, spam levels returned to average numbers almost immediately
Spam Percentage • Spam averaged 74% of all emails sent during the quarter, a decrease of 2% from Q2
Spam Zombies • The number of zombies activated on the reported day of the Grum takedown was the lowest of the quarter • Note the ramp-up of daily activated zombies in the 2 weeks following the takedown • Average turnover: 304,000 newly activated each day for sending spam (minor increase from Q2 2012)
Spam Templates • Example from August • Spammers mistakenly leave script text inside sent emails • Text gives us an idea of how a template with variations is built • Designed to outwit spam filters
Spam Topics Cloud • Frequently occurring terms printed in proportionally larger text
Spam Topics • Pharmacy spam dropped nearly 10% this quarter but remained the most common spam subject • Enhancer spam gained almost 10% and replica themed spam dropped almost 5% to be only the 5th most popular topic
Olympic Games Scams • The Olympic Games (July and August) proved to be a very popular theme for 419 scams during the quarter • Most scams promised money from Olympics-related lotteries • Other emails offered Games-related merchandise for large fees or offered recipients interesting Olympic job- opportunities (in exchange for “processing” fees)
Web Trends
Wells Fargo attack uses hacked sites • Phony Wells Fargo emails link to compromised sites • Sites redirect to destination malware store • Blackhole Exploit Kit, in the form of obfuscated JavaScript on the final destination page, assesses the exploitable versions of various browsers and add-ons and executes appropriate payloads that start a process of downloading further malware onto the victim’s computer
Web categories: malware • Analysis of which categories of legitimate Web sites were most likely to be hiding malware pages (usually without the knowledge of the site owner) • Education category on top again Rank Category Rank Category 1 Education 6 Restaurants & Dining 2 Shopping 7 Travel 3 Sports 8 Health & Medicine 4 Business 9 Streaming Media & Downloads 5 Entertainment 10 Leisure & Recreation
Web categories: phishing • Analysis of which categories of legitimate Web sites were most likely to be hiding phishing pages (usually without the knowledge of the site owner) • Portals (offering free website hosting) remained at the highest position Rank Category Rank Category 1 Portals 6 Real Estate 2 Education 7 Leisure & Recreation 3 Arts Sports 8 Travel 4 Shopping 9 Computers & Technology 5 Business 10 Health & Medicine
Zombie Hotspots
Zombie Hotspots • India still hosts over 20% of the world’s spam sending zombies • Morocco and Saudi Arabia dropped out of the top 15 – Replaced by Spain and Colombia
October 2012 Threat Report You can download the complete report at http://www.commtouch.com/threat-report-oct-2012 Copyright© 2012 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
For more information contact: info@commtouch.com 650 864 2000 (Americas) +972 9 863 6895 (International) Web: www.commtouch.com Blog: http://blog.commtouch.com

Recomendados

Fortune Minerals - Revenue Silver Mine Presentation May 2014
Fortune Minerals - Revenue Silver Mine Presentation May 2014Fortune Minerals - Revenue Silver Mine Presentation May 2014
Fortune Minerals - Revenue Silver Mine Presentation May 2014
Company Spotlight
 
Responsibility and accountability
Responsibility and accountabilityResponsibility and accountability
Responsibility and accountability
Diocese of Harrisburg
 
Banking in the Digital Era: Regaining Consumer Trust
Banking in the Digital Era: Regaining Consumer TrustBanking in the Digital Era: Regaining Consumer Trust
Banking in the Digital Era: Regaining Consumer Trust
Cognizant
 
Itconsortium capabilities brief short
Itconsortium capabilities brief shortItconsortium capabilities brief short
Itconsortium capabilities brief short
Jeffrey Strobach
 
Voraussetzungen erfolgreicher App-Entwicklungsprojekte
Voraussetzungen erfolgreicher App-EntwicklungsprojekteVoraussetzungen erfolgreicher App-Entwicklungsprojekte
Voraussetzungen erfolgreicher App-Entwicklungsprojekte
Connected-Blog
 
How to create a toxic free lifestyle - class slides
How to create a toxic free lifestyle - class slidesHow to create a toxic free lifestyle - class slides
How to create a toxic free lifestyle - class slides
cvanbemmelen143
 
Scooters_LandlordBrochure_bypage
Scooters_LandlordBrochure_bypageScooters_LandlordBrochure_bypage
Scooters_LandlordBrochure_bypage
Deanna Erwin
 
All Together Now: A Recipe for Successful Data Governance
All Together Now: A Recipe for Successful Data GovernanceAll Together Now: A Recipe for Successful Data Governance
All Together Now: A Recipe for Successful Data Governance
Inside Analysis
 

Recomendados

Fortune Minerals - Revenue Silver Mine Presentation May 2014
Fortune Minerals - Revenue Silver Mine Presentation May 2014Fortune Minerals - Revenue Silver Mine Presentation May 2014
Fortune Minerals - Revenue Silver Mine Presentation May 2014
Company Spotlight
 
Responsibility and accountability
Responsibility and accountabilityResponsibility and accountability
Responsibility and accountability
Diocese of Harrisburg
 
Banking in the Digital Era: Regaining Consumer Trust
Banking in the Digital Era: Regaining Consumer TrustBanking in the Digital Era: Regaining Consumer Trust
Banking in the Digital Era: Regaining Consumer Trust
Cognizant
 
Itconsortium capabilities brief short
Itconsortium capabilities brief shortItconsortium capabilities brief short
Itconsortium capabilities brief short
Jeffrey Strobach
 
Voraussetzungen erfolgreicher App-Entwicklungsprojekte
Voraussetzungen erfolgreicher App-EntwicklungsprojekteVoraussetzungen erfolgreicher App-Entwicklungsprojekte
Voraussetzungen erfolgreicher App-Entwicklungsprojekte
Connected-Blog
 
How to create a toxic free lifestyle - class slides
How to create a toxic free lifestyle - class slidesHow to create a toxic free lifestyle - class slides
How to create a toxic free lifestyle - class slides
cvanbemmelen143
 
Scooters_LandlordBrochure_bypage
Scooters_LandlordBrochure_bypageScooters_LandlordBrochure_bypage
Scooters_LandlordBrochure_bypage
Deanna Erwin
 
All Together Now: A Recipe for Successful Data Governance
All Together Now: A Recipe for Successful Data GovernanceAll Together Now: A Recipe for Successful Data Governance
All Together Now: A Recipe for Successful Data Governance
Inside Analysis
 
Sittard - Geleen - Pocket Guide
Sittard - Geleen - Pocket GuideSittard - Geleen - Pocket Guide
Sittard - Geleen - Pocket Guide
Alpha Company, AFNORTH Battalion SFRG
 
Eyelid+Surgery+US
Eyelid+Surgery+USEyelid+Surgery+US
Eyelid+Surgery+US
Vyshali Anand
 
Dsp black rock projct
Dsp black rock projctDsp black rock projct
Dsp black rock projct
Ashwani Kumar
 
Austin - Program
Austin - ProgramAustin - Program
Austin - Program
Israel Irrobali
 
Cherbourg Tour 17 26 October 2011
Cherbourg Tour 17 26 October 2011Cherbourg Tour 17 26 October 2011
Cherbourg Tour 17 26 October 2011
John David Olsen
 
CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012
CSRwire
 
Global Technologies Jan feb 2015
Global Technologies Jan feb 2015Global Technologies Jan feb 2015
Global Technologies Jan feb 2015
Global Media Group
 
Green packet-wimax-modem-case studies-2012
Green packet-wimax-modem-case studies-2012Green packet-wimax-modem-case studies-2012
Green packet-wimax-modem-case studies-2012
wimax-modem-cpe
 
Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...
Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...
Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...
Kirwan Institute for the Study of Race and Ethnicity
 
Webinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to knowWebinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to know
Cyren, Inc
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat report
Cyren, Inc
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
Cyren, Inc
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array works
Cyren, Inc
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Cyren, Inc
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
Cyren, Inc
 
Webinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threatWebinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threat
Cyren, Inc
 
Webinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrimeWebinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrime
Cyren, Inc
 
Webinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsoleteWebinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsolete
Cyren, Inc
 
Webinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacksWebinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacks
Cyren, Inc
 
Webinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of DefenseWebinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of Defense
Cyren, Inc
 
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat ReportWebinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Cyren, Inc
 
Webinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud SecurityWebinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud Security
Cyren, Inc
 

Mais conteúdo relacionado

Destaque

Dsp black rock projct
Dsp black rock projctDsp black rock projct
Dsp black rock projct
Ashwani Kumar
 
Cherbourg Tour 17 26 October 2011
Cherbourg Tour 17 26 October 2011Cherbourg Tour 17 26 October 2011
Cherbourg Tour 17 26 October 2011
John David Olsen
 
CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012
CSRwire
 

Destaque (9)

Sittard - Geleen - Pocket Guide
Sittard - Geleen - Pocket GuideSittard - Geleen - Pocket Guide
Sittard - Geleen - Pocket Guide
 
Eyelid+Surgery+US
Eyelid+Surgery+USEyelid+Surgery+US
Eyelid+Surgery+US
 
Dsp black rock projct
Dsp black rock projctDsp black rock projct
Dsp black rock projct
 
Austin - Program
Austin - ProgramAustin - Program
Austin - Program
 
Cherbourg Tour 17 26 October 2011
Cherbourg Tour 17 26 October 2011Cherbourg Tour 17 26 October 2011
Cherbourg Tour 17 26 October 2011
 
CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012CSRwire & Verizon Webinar_June 26, 2012
CSRwire & Verizon Webinar_June 26, 2012
 
Global Technologies Jan feb 2015
Global Technologies Jan feb 2015Global Technologies Jan feb 2015
Global Technologies Jan feb 2015
 
Green packet-wimax-modem-case studies-2012
Green packet-wimax-modem-case studies-2012Green packet-wimax-modem-case studies-2012
Green packet-wimax-modem-case studies-2012
 
Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...
Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...
Transforming Race Today: Structural Racialization, Systems Thinking, and Impl...
 

Mais de Cyren, Inc

Webinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseWebinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for Enterprise
Cyren, Inc
 

Mais de Cyren, Inc (20)

Webinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to knowWebinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to know
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat report
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array works
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxing
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
 
Webinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threatWebinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threat
 
Webinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrimeWebinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrime
 
Webinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsoleteWebinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsolete
 
Webinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacksWebinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacks
 
Webinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of DefenseWebinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of Defense
 
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat ReportWebinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
 
Webinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud SecurityWebinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud Security
 
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats ReportWebinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
 
Webinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for HealthcareWebinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for Healthcare
 
Webinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseWebinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for Enterprise
 
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend ReportWebinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
 
CeBIT 2015 Presentation
CeBIT 2015 PresentationCeBIT 2015 Presentation
CeBIT 2015 Presentation
 
Webinar: Insights from CYREN's 2015 Cyber Threats Yearbook
Webinar: Insights from CYREN's 2015 Cyber Threats YearbookWebinar: Insights from CYREN's 2015 Cyber Threats Yearbook
Webinar: Insights from CYREN's 2015 Cyber Threats Yearbook
 
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
 

Último

Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 

Último (20)

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 

Commtouch october 2012 internet threats trend report

  • 2. October 2012 Threat Report The following is a condensed version of the October 2012 Commtouch Internet Threats Trend Report You can download the complete report at http://www.commtouch.com/threat-report-oct-2012 Copyright© 2012 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
  • 5. Android Malware • Android malware continues to grow – both in volume and in the number of variants • One attack made use of compromised email accounts to send simple one-link emails (in the past these were usually links to spam) • In this case the malware URLs only worked for Android devices
  • 6. Android Malware • The downloaded file “update.apk” (.apk is a packaged Android app) requires the user to activate the installation • Malware could work as a proxy to steal data from devices on corporate VPNs • Alternatively, the network access would allow communication with botnet command and control servers
  • 7. Groupon Malware Deals Android Malware • Authentic Groupon formatting • Malware attachment extracts to “Coupon gift.exe” • Commtouch’s Antivirus identifies the malware as W32/Trojan3.DWY • Only 30% of the 41 engines on VirusTotal detected the malware within a few hours of the attack
  • 9. Top 10 Malware of Q3 2012 Rank Malware name Rank Malware name 1 SWF-malform-1 6 CVE-2010-3333 2 W32/Ramnit.Q 7 W32/MyWeb.D@adw 3 W32/Conficker!Generic 8 W32/Injector.A.gen!Eldorado 4 W32/Mabezat.A-2 9 W32/Mabezat.A-1 5 W32/Agent.PJ.gen!Eldorado 10 W32/Tenga.3666
  • 11. Grum Botnet Takedown • Reported near end-July • The takedown was the effort of FireEye assisted by Spamhaus, and other industry experts and network operators • Immediate effect was the lowest spam per single day in the last 3 years (near 51 billion messages) • However, spam levels returned to average numbers almost immediately
  • 12. Spam Percentage • Spam averaged 74% of all emails sent during the quarter, a decrease of 2% from Q2
  • 13. Spam Zombies • The number of zombies activated on the reported day of the Grum takedown was the lowest of the quarter • Note the ramp-up of daily activated zombies in the 2 weeks following the takedown • Average turnover: 304,000 newly activated each day for sending spam (minor increase from Q2 2012)
  • 14. Spam Templates • Example from August • Spammers mistakenly leave script text inside sent emails • Text gives us an idea of how a template with variations is built • Designed to outwit spam filters
  • 15. Spam Topics Cloud • Frequently occurring terms printed in proportionally larger text
  • 16. Spam Topics • Pharmacy spam dropped nearly 10% this quarter but remained the most common spam subject • Enhancer spam gained almost 10% and replica themed spam dropped almost 5% to be only the 5th most popular topic
  • 17. Olympic Games Scams • The Olympic Games (July and August) proved to be a very popular theme for 419 scams during the quarter • Most scams promised money from Olympics-related lotteries • Other emails offered Games-related merchandise for large fees or offered recipients interesting Olympic job- opportunities (in exchange for “processing” fees)
  • 19. Wells Fargo attack uses hacked sites • Phony Wells Fargo emails link to compromised sites • Sites redirect to destination malware store • Blackhole Exploit Kit, in the form of obfuscated JavaScript on the final destination page, assesses the exploitable versions of various browsers and add-ons and executes appropriate payloads that start a process of downloading further malware onto the victim’s computer
  • 20. Web categories: malware • Analysis of which categories of legitimate Web sites were most likely to be hiding malware pages (usually without the knowledge of the site owner) • Education category on top again Rank Category Rank Category 1 Education 6 Restaurants & Dining 2 Shopping 7 Travel 3 Sports 8 Health & Medicine 4 Business 9 Streaming Media & Downloads 5 Entertainment 10 Leisure & Recreation
  • 21. Web categories: phishing • Analysis of which categories of legitimate Web sites were most likely to be hiding phishing pages (usually without the knowledge of the site owner) • Portals (offering free website hosting) remained at the highest position Rank Category Rank Category 1 Portals 6 Real Estate 2 Education 7 Leisure & Recreation 3 Arts Sports 8 Travel 4 Shopping 9 Computers & Technology 5 Business 10 Health & Medicine
  • 23. Zombie Hotspots • India still hosts over 20% of the world’s spam sending zombies • Morocco and Saudi Arabia dropped out of the top 15 – Replaced by Spain and Colombia
  • 24. October 2012 Threat Report You can download the complete report at http://www.commtouch.com/threat-report-oct-2012 Copyright© 2012 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
  • 25. For more information contact: info@commtouch.com 650 864 2000 (Americas) +972 9 863 6895 (International) Web: www.commtouch.com Blog: http://blog.commtouch.com