McAfee Threats Report: Second Quarter 2011 – 2nd Section

IRCRE201109078
Date: 2011-09-23
McAfee Labs has studied the security threats of the second half of 2011 in a report. The following is a brief of the second section of that report.
Messaging Threats

Messaging threats continued a mild decline from last quarter, although the drop is not significant. A coordinated effort last quarter among several security providers, law enforcement, and even CERTs was able to shut down large numbers of botnet zombies and their command structure. We expect to again see sharp rises in spam; in the meantime, we continue to watch this area closely. Although the volume of spam remains at historic low levels, the spearphishing (a class of spam) that we see today is more targeted and effective than ever. This vector continues to evolve.

This quarter McAfee Labs has observed the Rustock botnets. Meanwhile the Maazben, Cutwail, and Bobax botnet masters have stepped up their activity. Of these three dominant botnets, Maazben clearly outpaces the others in worldwide usage and influence.

There has been steady growth in new botnet infections throughout the quarter. This is an interesting juxtaposition when we consider the worldwide drop in spam. Clearly botnet usage is in a state of transition. Given the growth and goals of hacktivists, we expect to see major changes in how botnets are used.

Spam lures and their subjects continue to show diversity. “Nigerian 419 scams” seemed a bit more popular this quarter globally, while lotto scams were also prevalent in many parts of the world, along with the long-time subjects of bogus DSN and gambling spam. Social engineering with lures based on location is certain to continue, as scammers understand the diversity of their global audience.
Web Threats

Websites can have bad or malicious reputations for a variety of reasons. Reputations can be based on full domains and any number of subdomains as well as on a specific IP address or URL. Malicious reputations are influenced by the hosting of malware, unwanted programs, or phishing sites. Often we observe combinations of questionable code and functionality. Many factors go into a site’s reputational rating. Last quarter McAfee Labs recorded an average of 8,900 new bad sites per day.

We saw some significant spikes in malicious web content this quarter. On May 31, spam campaigns distributed fraudulent URLs hosting Zeus-related malware. Among these sites were undss-syria.org, baranava.com, emajic.net, and sturtholdfastmarioncc.com. The vast majority of these new malicious sites are located in the United States. Next in line, we find South Korea, the Netherlands, Canada, the United Kingdom, China, and Germany.

In the first quarter our top countries were the United States, South Korea, Germany, and China. This quarter, however, is quite different. Our regional breakdown reveals where most malicious servers reside:

North America, primarily the United States, still dominates, but the figure for the combined region of Europe, the Middle East, and Africa has increased to 25 percent from 18 percent in the first quarter. Let’s take a deeper look at some regions:

This quarter, the number of websites hosting malicious downloads has again increased, while the number of sites that host browser exploits was unchanged:

This quarter we also observed a continued increase in blogs and wikis with malicious reputations.
Websites Delivering Malware and PUPs

The following chart provides a picture of the number of websites delivering malware and potentially unwanted programs (PUPs) that McAfee Labs detected this quarter.

We saw a small increase this quarter with around 3,000 new sites per day compared with 2,700 per day during the first quarter.
Phishing Sites

This quarter we identified approximately 2,700 phishing URLs per day, up slightly from 2,500 per day last quarter.

Resource:
McAfee Threats Report: Second Quarter 2011, McAfee Labs

Created: 25 Bahman 1390