Cisco Observes Surge in Java Attacks

Cisco recently launched its Global Threat Report for the third Quarter of 2010 on November 17, 2010. According to the report, Java exploits seems to be augmenting as attacks targeting Adobe Reader and Acrobat reduced.

Commenting on the findings, Mary Landesman, Market Intelligence Manager at Cisco, stated that, malware attacks targeting Sun Java augmented from 5% of all attacks in July 2010 to 7% in September 2010, as reported by InformationWeek on November 17, 2010. She further added that, on the other hand, PDF malware attacks targeting Adobe Reader and Acrobat reduced during the third quarter of 2010, from around 3% in July 2010 to 1% in September 2010.

Landesman stated that the, reduce in Adobe exploits possibly has something to do with the platform being more safe. Rather, cybercriminals have shifted away from Adobe platforms to find other circulation techniques for attacks, like vulnerable Java applications. She further added that, cybercriminals moved towards Java, partially, because of higher accessibility of public exploit code, amongst other reasons, as reported by Crn on November 17, 2010.

Landesman highlighted that, malware writers also shifted toward Java exploits as they are usually first to be transferred when netizens visits a hacked website. Other reasons for this trend could be credited to the fact that, Java updates are still not, on the public radar, attached with an unpredictable update delivery model that at times left outdated versions of the application on the computer along with the recently installed patches.

Apart from the above mentioned findings, the latest report by Cisco states that Stuxnet exploiting the Windows Print Spooler flaw was the fifth most widespread event, which the team discovered during the third quarter of 2010.

Notably, according to the report, Stuxnet was extremely widespread in the UK during the third quarter of 2010. Around 38% of the users, who were infected by this botnet, were within the nation. On the other hand, 25% victims of the Stuxnet botnet were found in Hong Kong. The Netherlands, Australia, and Brunei were other favorite destinations for the malware distributors.

Furthermore, the report analyzed the outbreak of "Here You Have" e-mail. According to the analysis, around 79% of the clicks that took place during the initial three hours of the computer worm's spread and constituted around 10% of the total spam amount prior to it was taken offline.

Related article: Cisco Finds Two Vulnerabilities and Recommends for Patches

» SPAMfighter News - 11/26/2010