The Latest Fortinet News
Product and Solution Information, Press Releases, Announcements
|High Jumpers Observed on Fortinet's December '08 Threatscape Report|
|Posted: Mon Jan 19, 2009 10:04:00 AM|
Keylogging, Online Games Surge During Holiday Buying Season; Spam Rate Spikes Post McColo
SUNNYVALE, Calif., Jan. 13, 2009 - Fortinet® - the pioneer and leading provider of unified threat management (UTM) solutions - today announced its December 2008 Threatscape report recorded significant chart-jumping activities made by two online banking and gaming Trojans as well as a double-digit spike in global spam rates. Fortinet's FortiGuard® Global Security research team observed the steep ascent of the W32/Zbot.GXN!tr.spy keylogger/banking Trojan, which debuted at the No. 1 spot on Fortinet's Top 100 malware variants list. W32/Zbot.GXN!tr.spy targeted a four-day attack from Nov. 25-28, just in time for Black Friday, presumably to siphon consumer banking or credit card information. Another chart-topper, the gaming Trojan Spy/OnLineGames, climbed 75 positions to land in the No. 3 spot, continuing the online gaming trend that Fortinet researchers first highlighted in April 2008. In addition, global spam rates jumped nearly 11 percent compared to November as spammers begin to recover from the McColo takedown.
"Though taking a backseat to the keylogging/banking Trojans in this period, online-gaming attacks continue to be significant primarily due to popularity of the games themselves and the real-world value that's associated with virtual gaming assets," said Derek Manky, project manager, cyber security and threat research, Fortinet. "It should be noted that online gaming Trojans should be seen as a threat to users, gamers and corporations alike. Any Trojan sitting on a machine that has been compromised should be considered a threat to the network to which it is connected as Trojans typically have a very dynamic nature."
Following are key findings from Fortinet's December 2008 Threatscape report:
* Exploits/Intrusion - a total of 65 vulnerabilities were added to FortiGuard IPS coverage this period; of these, 17 were reported to be actively exploited;
* Malware - activities shifted away from scareware tactics to keylogging and information siphoning in this period, while file infector W32/Virut.A has managed to stay in the Top 10 positions consistently; regionally, the U.S. (42.72%) overtook Asian countries in malware volume for the first time in many months, but Asia as a whole was still a highly targeted region: Japan (37.33%), China (25.13%), Taiwan (20.54%) and India (19.08%);
* Spam - spam-spewing botnets took a month to almost recover after the McColo take-down and showed a steady uptick with a nearly 11-percent increase in December; taking advantage of the holiday season and failing economy, the most popular spam topics were an e-card, an undeliverable UPS package notification and a home-loan modification scheme;
* Web traffic - percentage of activity blocked for selected Web categories remained steady from the last report, with pornography representing the lion's share at near 70 percent; malware, spyware and phishing activities represented the remaining 30 percent of blocked traffic, with malware leading the way at nearly 20 percent.
The Fortinet FortiGuard® Global Security Research team compiled threat statistics and trends for December based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.
To read the full December Threatscape report which includes the top threat rankings in each category, please visit: http://www.fortiguardcenter.com/reports/roundup_dec_2008.html. For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.
FortiGuard Subscription Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help enable protection against threats on both application and network layers. FortiGuard Services are updated by the FortiGuard Global Security Research Team, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. For products with a subscription to FortiGuard, these updates are delivered to all FortiGate®, FortiMail™ and FortiClient™ products.
To Purchase Fortinet Products Visit http://www.avfirewalls.com