SUNNYVALE, Calif, - Feb 1, 2008 - Fortinet® - a pioneer and leading provider of unified threat management (UTM) solutions - today announced the top 10 most reported high-risk threats for January 2008. For the malware community, it would appear that Christmas is not over and it is not too early for Valentine's Day, as some of January's most prevalent attacks were spam disguised as Christmas greeting eCards or love letters. Together, they represent more than 11 percent* of the total threats for the month of January.
The report was compiled by Fortinet's FortiGuard Global Security Research Team, using intelligence gathered from FortiGate™ multi-threat security systems in production worldwide.
Highlights of January 2008's top 10 threats are as follows:
- Displaying the power of Storm, a new worm variant - Small.FQS - took the No. 3 position in a one-day Valentine's campaign. Arriving on January 16, Small.FQS charmed readers with emailed links to a Storm infection.
- Trojans Pushu.BYC and Pushdo.DGH were responsible for the proliferation of Christmas greeting eCards, which earned them the No. 4 and No. 6 spots, respectively, on the top 10 threats list.
- New adware Agent worked its way onto the top 10 list at No. 8, pushing Bdsearch and TCent from last month off the list.
Following is the complete list of January 2008's top 10 threats, as determined by the degree of prevalence:
| Rank |
Threat Name |
Threat Type |
% of Detections |
|---|
| 1 |
W32/Netsky!similar |
Mass mailer |
10.91 |
| 2 |
HTML/Iframe_CID!exploit |
Exploit |
7.91 |
| 3 |
W32/Small.FQS!tr.dldr |
Trojan |
5.87* |
| 4 |
W32/Pushu.BYC!tr |
Trojan |
2.83* |
| 5 |
W32/MyTob.FR@mm Mass |
mailer |
2.53 |
| 6 |
W32/Pushdo.DGH!tr |
Trojan |
2.53* |
| 7 |
W32/MalFormedani.C |
Exploit |
2.49 |
| 8 |
Adware/Agent |
Adware |
2.47 |
| 9 |
W32/Bagle.DY@mm |
Mass mailer |
2.24 |
| 10 |
W32/MyTob.BH.fam@mm |
Mass mailer |
2.09 |
"With eCards and Valentine spam saturating email accounts along with other threats from last month, we would remind users to 'think before clicking that link.' In a cyber world littered with dark alleys, not everyone online is your friend," said Derek Manky, security research engineer for Fortinet. "It should be noted that most legitimate eCards come in the form of a link to the eCard hosting site, using a unique ID, rather than as attachments."
To read the full January report, please visit: http://www.fortiguardcenter.com/reports/roundup_jan_2008.html. For ongoing threat research, bookmark the FortiGuard Center (
http://www.fortiguardcenter.com/ ) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html..
* W32/Small.FQS!tr.dldr (5.87%), W32/Pushu.BYC!tr (2.83%) and W32/Pushdo.DGH!tr (2.53%) make up more 11 percent of the total threats for the month of January .
FortiWiFi
FortiAnalyzer
FortiManager
FortiMail
FortiSwitch
FortiAP
FortiBalancer
FortiDB
FortiCarrier
FortiGate
FortiAuthenticator
FortiClient
FortiWeb
