Attackers Primarily Targeted Unpatched Systems in January 2009
In its recently published 2009 Threatscape report, Fortinet indicates that there was an increase in attacks exploiting vulnerabilities on unpatched computers. The security firm reached this conclusion after identifying the most widely proliferating Internet threats during January 2009.
The firm further reports that a heap-based overflow flaw (first identified in October 2008 and highlighted in Microsoft Security Bulletin MS08-067) was exploited to launch numerous attacks against unpatched systems from the last days of December 2008 through January 2009. The flaw affects systems running operating systems such as Windows 2000, XP, Vista, Server 2008 and Server 2003. The series of attacks peaked on January 14, 2009.
Security researchers at Fortinet said that while the heap-based overflow flaw continues to drive high levels of malicious activity, users are advised to ensure appropriate security measures are in place, such as a legitimate IPS solution and proper patch management.
Researchers further report that there was a continuous increase in Internet gaming malware during January 2009, with the Spy/OnLineGames and W32/Dropper.VEM!tr trojans continuing to show impressive growth. The study also said that the first Trojan ranked highest on the company's Top 100 malicious program list, while the second Trojan surged enormously.
According to the researchers, this demonstrates that cyber miscreants are currently paying more attention to Internet gaming malware that steals passwords, credit card data and other personal information. The countries most targeted with this malware are the US (45%), Japan (43%), China (26%), India (20%) and Taiwan (20%).
Fortinet also revealed that spam levels kept increasing during January 2009 and fully returned to pre-McColo levels. Spam rates had briefly dropped in November 2008 after McColo was shut down. Also, in the wake of the economic downturn, the most popular spam schemes related to education and diplomas as well as positive wage structure.
According to Fortinet, a new network of bots was created in January 2009, with cyber criminals widely using socially engineered campaigns built around Barack Obama. This botnet expanded through Waledac-generated spam.
Meanwhile, to protect against social engineering and spam campaigns, Fortinet suggests appropriate web filtering, proper anti-spam and intrusion prevention systems and the right antivirus.
» SPAMfighter News - 20-02-2009