Japanese earthquake, tsunami and nuclear disasters created opportunity for new cyber schemes in March
GFI Software, a leading IT solutions provider for small and medium-sized enterprises, today announced the top 10 most prevalent malware threats for the month of March 2011. The top 10 is compiled from collected scan data of tens of thousands of VIPRE customers who are part of GFI’s ThreatNet™ automated threat tracking system. Notably, GFI researchers found that the Japanese tsunami, earthquake and subsequent nuclear disasters led to a high volume of insidious cyber attacks during the month.
“In March, we saw an apparently endless collection of scams related to the earthquake and tsunami in Japan, including fake donation websites, Facebook clickjacking and 419 spam emails (otherwise known as advance-fee frauds, where the target is fraudulently persuaded to advance sums of money). In addition, we also observed search engine poisoning involving radiation levels that sent people to malware sites.” said Christopher Boyd, senior threat researcher, GFI Software. “We’ve provided some details and a list of suggestions to help users avoid falling victim to these scams.”
March also saw many other varied forms of attack, including numerous rogue Facebook applications, ransomware (which locks users out of their PCs until they call a long distance toll line for an unlock code), and the usual glut of fake antivirus programs and system defragmenters.
Scammers are also starting early in the build-up to Easter with SEO poisoning related to printable Easter cards and Skype calls from individuals who attempt to have their victim visit a URL that promotes a fake antivirus program.
ThreatNet statistics show that Trojans made up seven of the top 10 malware threats of the month. Trojans detected as Trojan.Win32.Generic!BT (a generic detection that encompasses a broad array of Trojans) continue to be the number one threat, accounting for 20.61 percent of total malware found.
Top 10 detections for March
| Detection | Type | Percent |
| Trojan.Win32.Generic!BT | Trojan | 20.61 |
| Fraudtool.Win32.Securityshield.ek!e (v) | Trojan | 4.09 |
| Trojan.Win32.Generic.pak!cobra | Trojan | 3.68 |
| Trojan-Spy.Win32.Zbot.gen | Trojan | 3.11 |
| Zugo LTD (v) | Adware | 2.74 |
| Trojan.Win32.Generic!SB.0 | Trojan | 1.78 |
| Worm.Win32.Downad.Gen (v) | Worm | 1.54 |
| INF.Autorun (v) | Trojan | 1.51 |
| Fraudtool.Win32.Securityshield.ek!c (v) | Trojan | 1.48 |
| Pinball Corporation (v) | Adware | 1.33 |
About GFI Labs
GFI Labs specializes in the discovery and analysis of dangerous vulnerabilities and malware that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis.
About GFI
GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small and medium-size businesses (SMBs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.