Gumblar Botnet Tops in Fortinet’s April 2010 Threatscape Report
The security firm Fortinet, on May 3, 2010, released its Threatscape report for April 2010. The report revealed the high-profile activities performed by multiple botnets like Sasfis and Gumblar. Gumblar enjoyed with its top rank in Fortinet's list of Top 10 Network Attacks. On the other hand, two of the executables of the Sasfis botnet that are prevalent in the top 10 listings of the security firm, bolstered the botnet's position at the fourth place for spotted malicious network activity.
Sasfis, like Bredolab, is a botnet loader, whose function is to report statistics and execute or retrieve files upon check-in. However, the difference lies in the fact that Sasfis is newer and the botnet does not use encryption. All its messages and communications are disseminated via HTTP unencrypted. However, the botnet continues to propagate aggressively, loading banking trojans into other malicious files.
Cutwail spambot was also observed by Fortinet, which has been actively working for years, distributing virus spam campaigns to its customers. In April, the spam distributed by Cutwail included hazardous links to the eCard zip binaries, or binaries attached with the e-mails. During this period, Fortinet researchers observed that three spam campaigns shared a common motive, promoted from two firms-"web-projects-us.com" and "us-consalt.com", employing similar templates/techniques.
Fortinet also disclosed that mainly Ransomware and Scareware were behind the virus activity observed in April 2010. Unsurprisingly, Scareware has been consistently rampant since the year 2008, and Ransomware is advancing and progressing this year, all because of incentives from affiliate-backed programs, which disburse when the victims buy bogus products.
Fortinet also said that on the top of their predictions for 2010, the rise of Ransomware has already turned into reality. More movement in the positions available for money mules with the emergence of such campaigns is clearly visible to the researchers.
» SPAMfighter News - 5/13/2010
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!