The Latest Fortinet News
Product and Solution Information, Press Releases, Announcements
|Fortinet Threat Landscape Research Shows 64-Bit Malware Family Spreading|
|Posted: Thu Jun 09, 2011 02:34:30 PM|
SUNNYVALE, Calif., June 7, 2011 - Fortinet® (NASDAQ: FTNT) - a leading network security provider and the worldwide leader of unified threat management (UTM) solutions - today released its latest Threat Landscape report, which details two prominent detections belonging to the TDSS family of rootkits that are capable of infecting 64-bit Windows operating systems. The TDSS rootkit, which is difficult to detect and remove, has full access to any system it infects and can mask its activity to administrators and end users.
"Microsoft issued a security advisory in mid-April to fix a vulnerability with driver signing enforcement that the TDSS family of rootkits have been known to exploit," said Derek Manky, senior security strategist at Fortinet. "Since TDSS is still active and potent, we strongly recommend applying this critical update if you are running an affected x64 edition of Microsoft Windows. These rootkits spread through common infection methods like malicious Websites that host exploit kits, and we have recently seen a new 64-bit rootkit emerge that uses an entirely different method to subvert x64 based systems."
Fake Antivirus Detections Up and Targeting the Mac
The most prominent virus FortiGuard Labs detected during the month of May was Fraudload.OR, which frequently disguises itself in the form of fake antivirus software, though Fraudload also has the ability to download other Trojans and malware to an infected user's system.
"Fake antivirus software is a tried and true model for cyber criminals, often operating on a pay-per-purchase basis where the criminals who infect a user's system receive a commission for every victim that orders a version of the fake software," Manky continued. "Recently, this type of malware has started to make its way to the Mac OSX platform in the form of MacDefender and MacGuard."