Reported IT Threats for January 2008
Fortinet Announces Top Reported IT Threats for January 2008
Sydney – February 5th 2008– Fortinet® - a pioneer and leading provider of unified threat management (UTM) solutions - today announced the top 10 most reported high-risk threats for January 2008. For the malware community, it would appear that Christmas is not over and it is not too early for Valentine's Day, as some of January's most prevalent attacks were spam disguised as Christmas greeting eCards or love letters. Together, they represent more than 11 percent* of the total threats for the month of January.
The report was compiled by Fortinet's FortiGuard Global Security Research Team, using intelligence gathered from FortiGate™ multi-threat security systems in production worldwide.
Highlights of January 2008's top 10 threats are as follows:
• Displaying the power of Storm, a new worm variant - Small.FQS - took the No. 3 position in a one-day Valentine's campaign. Arriving on January 16, Small.FQS charmed readers with emailed links to a Storm infection.
• Trojans Pushu.BYC and Pushdo.DGH were responsible for the proliferation of Christmas greeting eCards, which earned them the No. 4 and No. 6 spots, respectively, on the top 10 threats list.
• New adware Agent worked its way onto the top 10 list at No. 8, pushing Bdsearch and TCent from last month off the list.
Following is the complete list of January 2008's top 10 threats, as determined by the degree of prevalence:
W32/Netsky!similar Mass mailer 10.91%,
#2 HTML/Iframe_CID!exploit Exploit 7.91%,
#3 W32/Small.FQS!tr.dldr Trojan 5.87*%,
#4 W32/Pushu.BYC!tr Trojan 2.83*%,
#5 W32/MyTob.FR@mm Mass mailer 2.53%,
#6 W32/Pushdo.DGH!tr Trojan 2.53*%,
#7 W32/MalFormedani.C Exploit 2.49%,
#8 Adware/Agent Adware 2.47%,
#9 W32/Bagle.DY@mm Mass mailer 2.24%,
#10 W32/MyTob.BH.fam@mm Mass mailer 2.09%.
"With eCards and Valentine spam saturating email accounts along with other threats from last month, we would remind users to ‘think before clicking that link.' In a cyber world littered with dark alleys, not everyone online is your friend," said Derek Manky, security research engineer for Fortinet. "It should be noted that most legitimate eCards come in the form of a link to the eCard hosting site, using a unique ID, rather than as attachments." To read the full January report, please visit: http://www.fortiguardcenter.com/reports/roundup_jan_2008.html .
For ongoing threat research, bookmark the FortiGuard Center http://www.fortiguardcenter.com
or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html .
To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html .
* W32/Small.FQS!tr.dldr (5.87%), W32/Pushu.BYC!tr (2.83%) and W32/Pushdo.DGH!tr (2.53%) make up more 11 percent of the total threats for the month of January .
About Fortinet (www.fortinet.com )
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs: (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.
# # #
Fortinet is a registered trademark of Fortinet, Inc. Fortinet, FortiGate, FortiOS, FortiAnalyzer, FortiASIC, FortiCare, FortiManager, FortiWiFi, FortiGuard, FortiClient, and FortiReporter are trademarks of the Fortinet, Inc. in the United States and/or other countries. All other trademarks referred to herein are the property of their respective owners.