Sophos

Talk to our experts

Find your local press contact

Resources

Info feeds

What are info feeds?

2 July 2007

Attacks via web and email strip businesses of cash Sophos announces top ten web and email-borne threats for June 2007

Sophos, a world leader in IT security and control, has revealed the most prevalent malware threats causing problems for computer users around the world during June 2007.

The figures, compiled by Sophos's global network of monitoring stations, show a further sharp rise in web-based threats. Sophos uncovered an average of 29,700 new infected web pages every day - around 80 percent of which were located on hacked legitimate sites.

The top ten list of web-based malware threats in June 2007 reads as follows:

Top ten web threats

Position Malware Percentage
1Mal/Iframe
   64.0%
2Mal/ObfJS
   10.1%
3Troj/Fujif
   3.1%
4Troj/Decdec
   2.7%
5VBS/Redlof
   2.5%
6Troj/Psyme
   3.8%
7Mal/Packer
   1.1%
8=Troj/Ifradv
   1.0%
8=VBS/Haptime
   1.0%
10Mal/Zlob
   0.9%
Others9.7%

Mal/Iframe, which works by injecting malicious code into web pages, has again topped the chart, accounting for nearly two thirds of the world's infected URLs. Earlier this month, a Mal/Iframe attack on multiple Italian websites occurred, making headlines around the world. More than 10,000 web pages were infected, most of which were on legitimate but compromised websites hosted in Italy. Victim websites included Italian city councils, employment services and tourism sites. Most of the affected pages appear to be hosted by one of the largest ISPs in Italy.

"The Italian Mal/Iframe attack should certainly act as a wake-up call to ISPs across the globe," said Carole Theriault, senior security consultant at Sophos. "Malicious code dumped on these websites is just waiting to pounce on innocent surfers. Websites should be as secure as Fort Knox, but at the moment, too many web pages are easy pickings for cybercriminals."

The top ten list of countries hosting malware-infected web pages in June 2007, reads as follows:

Top malware-hosting countries

Position Country Percentage
1China (inc.Hong Kong)
   59.3%
2United States
   23.9%
3Russia
   3.6%
4Germany
   1.7%
5Ukraine
   1.4%
6Italy
   1.0%
7=Taiwan
   0.8%
7=Brazil
   0.8%
7=United Kingdom
   0.8%
10Canada
   0.6%
Others6.2%

While China retains its position at the top of the chart this month, Italy is a new entry and this is largely due to the Iframe attack. ObfJS, which was the second most prevalent web-based threat this month, also contributed to Italy's status in the top ten, following a potent attack on a popular, legitimate web page early in June.

"The fact that China is responsible for such a hefty proportion of the world's infected web pages, should not make other countries rest on their laurels, " continued Theriault. "Italy's rise into the top ten highlights the need for countries around the world to educate ISPs and website administrators to ensure they are properly secured against web threats."

The top ten list of email-based malware threats in June 2007 reads as follows:

Top ten email threats

Position Last
month
Malware Percentage of reports
12W32/Netsky
   31.4%
23W32/Mytob
   20.9%
3NewMal/Iframe
   10.9%
45W32/MyDoom
   6.4%
58W32/Sality
   5.4%
6=6W32/Zafi
   5.0%
6=8W32/Bagle
   5.0%
8=Re-entryMal/DownLdr
   2.6%
8=Re-entryW32/Stratio
   2.6%
1010W32/Nyxem
   2.0%
Others7.8%

Interestingly, Mal/Iframe's appearance in the email-based chart demonstrates that it is not limited to only infecting via the web. Hackers can embed the malware into emails using HTML to exploit users.

A graphic of the top ten email-based malware chart is available.

Top ten hoaxes and chain letters

Position Hoax Percentage of reports
1Hotmail hoax
   32.7%
2Olympic torch
   8.6%
3A virtual card for you
   3.2%
4Meninas da Playboy
   2.6%
5Bonsai kitten
   2.4%
6MSN is closing down
   1.9%
7Bill Gates fortune
   1.9%
8M&S vouchers
   1.8%
9Justice for Jamie
   1.7%
10Music Top 50
   1.6%
Others41.6%

Sophos experts have compiled simple best practice guides to adopting a multi-layered defense. With blended threats, spam and phishing attacks on the rise it has never been more important to educate end users about how best to protect themselves.

PDF Readers Choice Awards 2009
Information Security Magazine
  • Please vote for Sophos and Utimaco!
  • Subscribe to the Information Security
    newsletter to vote.

About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com

See also: