SlideShare a Scribd company logo

Commtouch july 2012 internet threats trend report

Download as PPTX, PDF
Cyren, Inc
Cyren, Inc
TechnologyNews & Politics
1 of 30
Internet Threats Trend Report July 2012
July 2012 Threat Report The following is a condensed version of the July 2012 Commtouch Internet Threats Trend Report You can download the complete report at http://www.commtouch.com/threat-report-july-2012 Copyright© 2012 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
Key Security Highlights
Trends in Q2 2012… Malware Trends
Q2 Malware Trends Blended attacks mix brands and malware The attacks all included similar characteristics: • Well-crafted emails matching those of known companies which were sent out in large volumes. • The emails included links to multiple compromised websites which then redirected to the malware hosting websites. • The compromised websites were often based on the WordPress content management system. • The malware itself was mostly hosted on various .ru domains. • The malware pages showed simple messages such as “Please Wait – Loading” (black text on white). • The same Flash and Adobe Reader exploits were used in most of the malware
Q2 Malware Trends Blended attacks mix brands and malware
Q2 Malware Trends Movie ticket hoax hides malware on Dropbox • Email offers free movie tickets • Clicking on the links leads to several redirects and scripts • Download of file “entrada_cine.zip” from the following link: • https://dl.dropbox.com/u/689--025/bts/entrada_cine.zip
Q2 Malware Trends Email-attached malware • Increase over Q1 levels • Sample attacks: • DHL tracking • “why did you put this photo online”
Q2 Malware Trends Top 10 Malware of Q2 2012 Rank Malware name Rank Malware name 1 W32/RLPacked.A.gen!Eldorado 6 W32/Sality.gen2 2 W32/InstallCore.A2.gen!Eldorado 7 W32/RAHack.A.gen!Eldorado 3 W32/Sality.C.gen!Eldorado 8 W32/OnlineGames.FL.gen!Eldorado 4 W32/HotBar.L.gen!Eldorado 9 W32/Vobfus.AD.gen!Eldorado 5 W32/Heuristic-210!Eldorado 10 JS/Pdfka.EV.gen Source: Commtouch
Q2 Malware Trends For a complete analysis of Malware in Q2 and the specific attacks employed, download the complete July 2012 Internet Threats Trend Report http://www.commtouch.com/threat-report-july-2012
Trends in Q2 2012… Web Security
Q2 Compromised Websites Malware and spam campaigns used compromised sites extensively • Sample LinkedIn email leads to simple notice while malware is downloaded • Legitimate site continues to function normally Source: Commtouch
Q2 Compromised Websites Website categories infected with malware • Pornographic sites disappeared from the top 10 as many legitimate sites from different categories found themselves hacked and hosting malware Rank Category Rank Category 1 Education 6 Sports 2 Travel 7 Leisure & Recreation 3 Business 8 Health & Medicine 4 Entertainment 9 Fashion and beauty Streaming media and 5 Restaurants and dining 10 downloads Source: Commtouch
Q2 Compromised Websites Phishing campaigns also using compromised sites • Sample – Yahoo phishing uses compromised photography site from Romania • Legitimate site continues to function normally Source: Commtouch
Q2 Compromised Websites Website categories infected with phishing • During the second quarter of 2012, Commtouch analyzed which categories of legitimate Web sites were most likely to be hiding phishing pages (usually without the knowledge of the site owner). • Portals (offering free website hosting) remained at the highest position. Rank Category Rank Category 1 Portals 6 Business 2 Fashion & Beauty 7 Arts Streaming media and 3 Sports 8 downloads Computers and 4 Shopping 9 technology 5 Education 10 Travel Source: Commtouch
Q2 Web Security Download the complete July 2012 Internet Threats Trend Report for more details http://www.commtouch.com/threat-report-july-2012
Trends in Q2 2012… Spam Trends
Q2 Spam Trends Spammers invent “Facebook Social” Links lead via compromised sites to pharmacy sites Source: Commtouch
Q2 Spam Trends Phony MySpace, Facebook emails Links lead to the “wikipharmacy” Source: Commtouch
Q2 Spam Trends Spam Levels • Marginal decrease compared to previous quarter • Average daily spam levels dropped to 91 billion spam and phishing emails/day Spam levels – Jan to June 2012 Source: Commtouch
Q2 Spam Trends Spam % • Spam averaged 76% of all emails in Q2 Spam % of all emails – Jan to June 2012 Source: Commtouch
Q2 Spam Trends Spam cloud for Q2 2012 Subjects include: • Pharmaceuticals (pills, pfizer) • Replicas (Breitling, replica) • Enhancers Source: Commtouch
Q2 Spam Trends Spam Topics in Q2 • Pharmacy spam continued to increase, as it did last quarter, to nearly 41% of all spam (~3% more than the previous quarter) • Enhancer and diet-themed spam increased while replica spam dropped almost 8% Source: Commtouch
Q2 Spam Trends Top Faked (Spoofed) Spam Sending Domains* Source: Commtouch * Domains used by spammers in the “from” field of the spam emails.
Q2 Spam Trends Find out more about Spam Trends in Q2 by downloading the complete July Internet Threats Trend Report http://www.commtouch.com/threat-report-july-2012
Trends in Q2 2012… Zombie Trends
Q2 Zombie Trends Daily Turnover of Zombies in Q2 • Average turnover: 303,000 newly activated each day sending spam (increase from 270,000 in Q1 2012) Daily newly activated spam zombies: Jan to June 2012 Source: Commtouch
Q2 Zombie Trends Worldwide Zombie Distribution in Q2 Source: Commtouch • India again claimed top zombie producer title, moving above 20% • Poland, Italy, and Indonesia dropped out of the top 15, replaced by Saudi Arabia, Romania, and more surprisingly, Germany – which has stayed well out of the top 15 for over one and a half years.
Q2 Zombie Trends Download the complete July 2012 Internet Threats Trend Report for more details http://www.commtouch.com/threat-report-july-2012
For more information contact: info@commtouch.com 650 864 2000 (Americas) +972 9 863 6895 (International) Web: www.commtouch.com Blog: http://blog.commtouch.com

Recommended

Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Rod Soto
 
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
Alex Pinto
 
Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025
Dr David Probert
 
Webinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to knowWebinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to know
Cyren, Inc
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat report
Cyren, Inc
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
Cyren, Inc
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array works
Cyren, Inc
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Cyren, Inc
 

Recommended

Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Dynamic Population Discovery for Lateral Movement (Using Machine Learning)
Rod Soto
 
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
From Threat Intelligence to Defense Cleverness: A Data Science Approach (#tid...
Alex Pinto
 
Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025Cybersecurity Trends and CyberVision : 2015 - 2025
Cybersecurity Trends and CyberVision : 2015 - 2025
Dr David Probert
 
Webinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to knowWebinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to know
Cyren, Inc
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat report
Cyren, Inc
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
Cyren, Inc
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array works
Cyren, Inc
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Cyren, Inc
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
Cyren, Inc
 
Webinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threatWebinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threat
Cyren, Inc
 
Webinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrimeWebinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrime
Cyren, Inc
 
Webinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsoleteWebinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsolete
Cyren, Inc
 
Webinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacksWebinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacks
Cyren, Inc
 
Webinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of DefenseWebinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of Defense
Cyren, Inc
 
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat ReportWebinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Cyren, Inc
 
Webinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud SecurityWebinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud Security
Cyren, Inc
 
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats ReportWebinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
Cyren, Inc
 
Webinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for HealthcareWebinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for Healthcare
Cyren, Inc
 
Webinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseWebinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for Enterprise
Cyren, Inc
 
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend ReportWebinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
Cyren, Inc
 
CeBIT 2015 Presentation
CeBIT 2015 PresentationCeBIT 2015 Presentation
CeBIT 2015 Presentation
Cyren, Inc
 
Webinar: Insights from CYREN's 2015 Cyber Threats Yearbook
Webinar: Insights from CYREN's 2015 Cyber Threats YearbookWebinar: Insights from CYREN's 2015 Cyber Threats Yearbook
Webinar: Insights from CYREN's 2015 Cyber Threats Yearbook
Cyren, Inc
 
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Cyren, Inc
 
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Cyren, Inc
 
CYREN Investor Presentation - January, 2015
CYREN Investor Presentation - January, 2015CYREN Investor Presentation - January, 2015
CYREN Investor Presentation - January, 2015
Cyren, Inc
 
Webinar: Is There A Blind Spot In Your Cyberthreat Vision?
Webinar: Is There A Blind Spot In Your Cyberthreat Vision?Webinar: Is There A Blind Spot In Your Cyberthreat Vision?
Webinar: Is There A Blind Spot In Your Cyberthreat Vision?
Cyren, Inc
 
Webinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend reportWebinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend report
Cyren, Inc
 
Dual Detection Engines - Using Layered Security to Battle Cybercrime
Dual Detection Engines - Using Layered Security to Battle CybercrimeDual Detection Engines - Using Layered Security to Battle Cybercrime
Dual Detection Engines - Using Layered Security to Battle Cybercrime
Cyren, Inc
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
apidays
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
Sandro Moreira
 

More Related Content

More from Cyren, Inc

Webinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseWebinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for Enterprise
Cyren, Inc
 

More from Cyren, Inc (20)

Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
 
Webinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threatWebinar: A deep dive on phishing, today's #1 business threat
Webinar: A deep dive on phishing, today's #1 business threat
 
Webinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrimeWebinar: Botnets - The clone army of cybercrime
Webinar: Botnets - The clone army of cybercrime
 
Webinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsoleteWebinar: How hackers are making your security obsolete
Webinar: How hackers are making your security obsolete
 
Webinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacksWebinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacks
 
Webinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of DefenseWebinar: Cloud-Based Web Security as First/Last Line of Defense
Webinar: Cloud-Based Web Security as First/Last Line of Defense
 
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat ReportWebinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
Webinar: Insights from CYREN's 2015-Q3 Cyber Threat Report
 
Webinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud SecurityWebinar: Dispelling the Myths about Cloud Security
Webinar: Dispelling the Myths about Cloud Security
 
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats ReportWebinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
Webinar: Insights from CYREN's 2015 Q2 Cyber Threats Report
 
Webinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for HealthcareWebinar: CYREN WebSecurity for Healthcare
Webinar: CYREN WebSecurity for Healthcare
 
Webinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for EnterpriseWebinar: CYREN WebSecurity for Enterprise
Webinar: CYREN WebSecurity for Enterprise
 
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend ReportWebinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
Webinar: Insights from CYREN's Q1 2015 Cyber Threats Trend Report
 
CeBIT 2015 Presentation
CeBIT 2015 PresentationCeBIT 2015 Presentation
CeBIT 2015 Presentation
 
Webinar: Insights from CYREN's 2015 Cyber Threats Yearbook
Webinar: Insights from CYREN's 2015 Cyber Threats YearbookWebinar: Insights from CYREN's 2015 Cyber Threats Yearbook
Webinar: Insights from CYREN's 2015 Cyber Threats Yearbook
 
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
Webinar: That's the Way the Network Perimeter Crumbles - Cybersecurity for th...
 
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
Webinar: Can a Light Bulb Really Pose a Security Threat? A Practical Look at ...
 
CYREN Investor Presentation - January, 2015
CYREN Investor Presentation - January, 2015CYREN Investor Presentation - January, 2015
CYREN Investor Presentation - January, 2015
 
Webinar: Is There A Blind Spot In Your Cyberthreat Vision?
Webinar: Is There A Blind Spot In Your Cyberthreat Vision?Webinar: Is There A Blind Spot In Your Cyberthreat Vision?
Webinar: Is There A Blind Spot In Your Cyberthreat Vision?
 
Webinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend reportWebinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend report
 
Dual Detection Engines - Using Layered Security to Battle Cybercrime
Dual Detection Engines - Using Layered Security to Battle CybercrimeDual Detection Engines - Using Layered Security to Battle Cybercrime
Dual Detection Engines - Using Layered Security to Battle Cybercrime
 

Recently uploaded

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Commtouch july 2012 internet threats trend report

  • 2. July 2012 Threat Report The following is a condensed version of the July 2012 Commtouch Internet Threats Trend Report You can download the complete report at http://www.commtouch.com/threat-report-july-2012 Copyright© 2012 Commtouch Software Ltd. Recurrent Pattern Detection, RPD, Zero-Hour and GlobalView are trademarks, and Commtouch, Authentium, Command Antivirus and Command Anti-malware are registered trademarks, of Commtouch. U.S. Patent No. 6,330,590 is owned by Commtouch.
  • 4. Trends in Q2 2012… Malware Trends
  • 5. Q2 Malware Trends Blended attacks mix brands and malware The attacks all included similar characteristics: • Well-crafted emails matching those of known companies which were sent out in large volumes. • The emails included links to multiple compromised websites which then redirected to the malware hosting websites. • The compromised websites were often based on the WordPress content management system. • The malware itself was mostly hosted on various .ru domains. • The malware pages showed simple messages such as “Please Wait – Loading” (black text on white). • The same Flash and Adobe Reader exploits were used in most of the malware
  • 6. Q2 Malware Trends Blended attacks mix brands and malware
  • 7. Q2 Malware Trends Movie ticket hoax hides malware on Dropbox • Email offers free movie tickets • Clicking on the links leads to several redirects and scripts • Download of file “entrada_cine.zip” from the following link: • https://dl.dropbox.com/u/689--025/bts/entrada_cine.zip
  • 8. Q2 Malware Trends Email-attached malware • Increase over Q1 levels • Sample attacks: • DHL tracking • “why did you put this photo online”
  • 9. Q2 Malware Trends Top 10 Malware of Q2 2012 Rank Malware name Rank Malware name 1 W32/RLPacked.A.gen!Eldorado 6 W32/Sality.gen2 2 W32/InstallCore.A2.gen!Eldorado 7 W32/RAHack.A.gen!Eldorado 3 W32/Sality.C.gen!Eldorado 8 W32/OnlineGames.FL.gen!Eldorado 4 W32/HotBar.L.gen!Eldorado 9 W32/Vobfus.AD.gen!Eldorado 5 W32/Heuristic-210!Eldorado 10 JS/Pdfka.EV.gen Source: Commtouch
  • 10. Q2 Malware Trends For a complete analysis of Malware in Q2 and the specific attacks employed, download the complete July 2012 Internet Threats Trend Report http://www.commtouch.com/threat-report-july-2012
  • 11. Trends in Q2 2012… Web Security
  • 12. Q2 Compromised Websites Malware and spam campaigns used compromised sites extensively • Sample LinkedIn email leads to simple notice while malware is downloaded • Legitimate site continues to function normally Source: Commtouch
  • 13. Q2 Compromised Websites Website categories infected with malware • Pornographic sites disappeared from the top 10 as many legitimate sites from different categories found themselves hacked and hosting malware Rank Category Rank Category 1 Education 6 Sports 2 Travel 7 Leisure & Recreation 3 Business 8 Health & Medicine 4 Entertainment 9 Fashion and beauty Streaming media and 5 Restaurants and dining 10 downloads Source: Commtouch
  • 14. Q2 Compromised Websites Phishing campaigns also using compromised sites • Sample – Yahoo phishing uses compromised photography site from Romania • Legitimate site continues to function normally Source: Commtouch
  • 15. Q2 Compromised Websites Website categories infected with phishing • During the second quarter of 2012, Commtouch analyzed which categories of legitimate Web sites were most likely to be hiding phishing pages (usually without the knowledge of the site owner). • Portals (offering free website hosting) remained at the highest position. Rank Category Rank Category 1 Portals 6 Business 2 Fashion & Beauty 7 Arts Streaming media and 3 Sports 8 downloads Computers and 4 Shopping 9 technology 5 Education 10 Travel Source: Commtouch
  • 16. Q2 Web Security Download the complete July 2012 Internet Threats Trend Report for more details http://www.commtouch.com/threat-report-july-2012
  • 17. Trends in Q2 2012… Spam Trends
  • 18. Q2 Spam Trends Spammers invent “Facebook Social” Links lead via compromised sites to pharmacy sites Source: Commtouch
  • 19. Q2 Spam Trends Phony MySpace, Facebook emails Links lead to the “wikipharmacy” Source: Commtouch
  • 20. Q2 Spam Trends Spam Levels • Marginal decrease compared to previous quarter • Average daily spam levels dropped to 91 billion spam and phishing emails/day Spam levels – Jan to June 2012 Source: Commtouch
  • 21. Q2 Spam Trends Spam % • Spam averaged 76% of all emails in Q2 Spam % of all emails – Jan to June 2012 Source: Commtouch
  • 22. Q2 Spam Trends Spam cloud for Q2 2012 Subjects include: • Pharmaceuticals (pills, pfizer) • Replicas (Breitling, replica) • Enhancers Source: Commtouch
  • 23. Q2 Spam Trends Spam Topics in Q2 • Pharmacy spam continued to increase, as it did last quarter, to nearly 41% of all spam (~3% more than the previous quarter) • Enhancer and diet-themed spam increased while replica spam dropped almost 8% Source: Commtouch
  • 24. Q2 Spam Trends Top Faked (Spoofed) Spam Sending Domains* Source: Commtouch * Domains used by spammers in the “from” field of the spam emails.
  • 25. Q2 Spam Trends Find out more about Spam Trends in Q2 by downloading the complete July Internet Threats Trend Report http://www.commtouch.com/threat-report-july-2012
  • 26. Trends in Q2 2012… Zombie Trends
  • 27. Q2 Zombie Trends Daily Turnover of Zombies in Q2 • Average turnover: 303,000 newly activated each day sending spam (increase from 270,000 in Q1 2012) Daily newly activated spam zombies: Jan to June 2012 Source: Commtouch
  • 28. Q2 Zombie Trends Worldwide Zombie Distribution in Q2 Source: Commtouch • India again claimed top zombie producer title, moving above 20% • Poland, Italy, and Indonesia dropped out of the top 15, replaced by Saudi Arabia, Romania, and more surprisingly, Germany – which has stayed well out of the top 15 for over one and a half years.
  • 29. Q2 Zombie Trends Download the complete July 2012 Internet Threats Trend Report for more details http://www.commtouch.com/threat-report-july-2012
  • 30. For more information contact: info@commtouch.com 650 864 2000 (Americas) +972 9 863 6895 (International) Web: www.commtouch.com Blog: http://blog.commtouch.com