PDFs Responsible for 80% of Malicious Actions During 2009
According to a report 'Global Annual Threat Report 2009' by California based security company ScanSafe, exploits of PDF documents escalated throughout the year 2009.
The report highlights that during Q1-2009, malevolent PDF files accounted for 56% of total files scanned by ScanSafe. The rate increased beyond 60% during Q2-2009, more than 70% during Q3-2009 and finally ended at 80% during Q4-2009.
Mary Landesman, Senior Security Researcher at ScanSafe and author of the yearly threat report, remarked about these interesting discoveries. She stated that the use of PDF exploits were normally attackers' first attempts, as reported by ComputerWorld on February 16, 2010.
Data given in the report suggests that the trend of PDF exploits was prevalent in 2009. However, it is difficult to say why hackers primarily target Adobe, according to Landesman.
She commented that perhaps attacks against Adobe yielded relatively more successful results.
Other security firms also observe similar trends as ScanSafe do. According to them, cyber criminals are primarily targeting Adobe software. ScanSafe states that crooks follow this trend possibly because PDF files have several vulnerabilities and they are widely accepted and used at workplaces. In this context, F-Secure (an antivirus vendor) even recommends that Reader should be abandoned and a substitute application adopted.
While there was a rise in PDF exploits throughout 2009, ScanSafe's report also underscores that there was a drop in Flash exploits to 18% during Q4-2009 from 40% during Q1-2009.
The report also suggests that attack codes against Excel and Word accounted for close to 1% of the total attack codes detected during 2009. Malevolent graphic files accounted for 10% of the total Web-based malware, while Gumblar attacks accounted for 14% and the largest of the total Web-based malware during the year.
Furthermore, hacks and malicious software attacks from two botnets namely 'Asprox' and 'Zeus' accounted for 2% and 1% of the total Web-based problems respectively. During 2009, 45% of the total malware attacks on the Web related to iFrames and exploits involving hijacked websites.
The report concludes by recommending all to install the better Internet security software available to get rid of any malicious content on their PCs.
Finally, the report suggests every computer user to deploy the improved security application obtainable towards eliminating any malware that may be inflicting his computer.
» SPAMfighter News - 24-02-2010