E-Cards and Love Letters lead Fortinet’s Most Reported Threats for January 2008

Valentine's Day eCard Threat

Fortinet has revealed the top 10 most reported high-risk threat for the first month of the New Year – January 2008. Though Christmas festivities go on only in the last week of December, the malware community seems to yet rejoice the festival. And in fact, the community also seems to welcome Valentine’s Day much before any of us. The carnival for these guys seems to be in the enjoyment of sending across malicious Christmas greeting eCards or love letters. Put together, these disguised celebratory cards accounted to a huge 11 percent of the total threats reported in the month of January.

The report which was put together by Fortinet’s FortiGuard Global Security Research Team, made use of acumen gathered from FortiGateT multi-threat security systems in production around the globe.

Derek Manky, security research engineer for Fortinet said, “With eCards and Valentine spam saturating email accounts along with other threats from last month, we would remind users to ‘think before clicking that link.’ In a cyber world littered with dark alleys, not everyone online is your friend.” Adding, “It should be noted that most legitimate eCards come in the form of a link to the eCard hosting site, using a unique ID, rather than as attachments.”

Below are the highlights of January 2008’s top 10 threats:

Showcasing the power of Storm, a new worm variant – Small.FQS – took the No. 3 position in a one-day Valentine’s campaign. Set free January 16, Small.FQS lured readers with emailed links to a Storm infection.

Trojans Pushu.BYC and Pushdo.DGH were responsible for the propagation of Christmas greeting eCards, put them on the No. 4 and No. 6 positions respectively, on the top 10 threats list.

New adware Agent sat on the No. 8 spot, pushing Bdsearch and TCent from last month off the list.

And the complete list of January 2008’s top 10 threats, as determined by the degree of occurrence (in the form of Rank followed by Threat Name, Threat Type and finally the percent of Detections):

    No. 1: W32/Netsky!similar
    Mass mailer
    10.91

    No. 2: HTML/Iframe_CID!exploit
    Exploit
    7.91

    No. 3: W32/Small.FQS!tr.dldr
    Trojan
    5.87

    No. 4: W32/Pushu.BYC!tr
    Trojan
    2.83

    No. 5: W32/[email protected]
    Mass mailer
    2.53

    No. 6: W32/Pushdo.DGH!tr
    Trojan
    2.53

    No. 7: W32/MalFormedani.C
    Exploit
    2.49

    No. 8: Adware/Agent
    Adware
    2.47

    No. 9: W32/[email protected]
    Mass mailer
    2.24

    No. 10: W32/[email protected]
    Mass mailer
    2.09

Well, what can we say, let love be in the air, but please let its effects not enter your systems, oops I mean computer systems!