GFI Software Reports Continued Malware Infections

July 06, 2011 - 12:00

GFI® Software today announced the top 10 most prevalent malware threats for June 2011. Highlights for the month included continued phishing attacks, notably one affecting microblogging site Tumblr, which compromised up to 8,000 user accounts, making it one of the most successful phishing attacks of its kind. Additionally, June saw scammers distributing rogue antivirus software by taking advantage of search traffic related to popular Pokemon™ video games, as well as luring users to fill out seemingly endless fake questionnaires.

“The Tumblr phishing and spam attacks highlight the importance of building greater awareness about online threats and simple tactics we can all use to defend ourselves,” said Chris Boyd, senior threat researcher at GFI Software. “Some of the attacks we saw in June were aimed at compromising social networking login credentials knowing that many people still use the same username and password for all their online activities, including banking, shopping and email. It is important for users on any social networking site to approach content that looks out of place with care since, as seen on Tumblr, seemingly innocuous attacks can evolve into more serious threats. Also, strengthen your passwords and vary them across all your online accounts to limit your risk and exposure if one is compromised.”

Phishing scams have become increasingly common on social networking sites as scammers have become savvier and bolder in their attacks. In recent months, scammers have used surveys, competitions and the promise of adult content to entice Internet users into divulging their personal information.

GFI also explored the risk of reputation hijacking through legitimate cloud services like Google Docs. The company found a large number of phishing sites using Google Spreadsheets to steal credentials of unsuspecting users.

June also brought some positive news in the fight against online scammers. The U.S. Department of Justice and the FBI announced that they had cracked an international cybercrime ring believed to have scammed more than $72 million through scareware sales. As part of Operation Trident Tribunal, the FBI seized computers, servers and bank accounts in a series of raids.

As the summer months continue to roll on, Internet users should be wary of topical threats, which are potential targets for fake antivirus attacks, SEO poisoning and survey scams. These may include the final Harry Potter film and increasing interest in recently announced Republican presidential candidates.

Top 10 Malware Detections for June
GFI’s top 10 malware list is compiled from collected scan data of tens of thousands of GFI VIPRE® Antivirus customers who are part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that the vast majority of malware threats found continue to be Trojans, mostly detected in generic form, and that a higher than average number of adware threats propagated during June.

DetectionTypePercent
Trojan.Win32.GenericTrojan29.78
Zugo Ltd (v)Misc (General)2.37
INF.Autorun (v)Trojan1.59
Exploit.PDF-JS.Gen (v)Exploit1.41
Trojan.Win32.Jpgiframe (v)Trojan1.39
Trojan.JS.Redirector.cd (v)Trojan1.32
Trojan-Spy.Win32.Zbot.genTrojan1.20
Pinball Corporation. (v)Adware (General)1.13
Adware.Win32.GenAdware (General)1.12
GameVanceAdware (General)1.07

About GFI Labs
GFI Labs specialises in the discovery and analysis of dangerous vulnerabilities and malware that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis.

About GFI
GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small and medium-size businesses (SMBs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States (North Carolina, California and Florida), UK (London and Dundee), Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.