Categories: SecurityWorkspace

USB Worms And Disasters Top Threat List

Fewer new threats were reported in the first quarter of this year, compared to last year, but attackers are moving with the times, according to McAfee’s latest threat report.

Security vendor McAfee received 3.75 million reports of new threats and exploits in the first quarter of 2010, compared with four million in the same period last year. However, within the threats reported, targeted attacks on companies grew, as did phishing attacks built on current events such as volcanos and earthquakes.

Fewer threats added, but nastier ones

“This is the first time we’ve seen a downtrend in new threats,” said Greg Day, director of security strategy for McAfee in EMEA. Although new malware can be easily generated by toolkits, it appears not to be growing at the same rate as before, he said.

The attacks that happen are more likely to be targetted, like the Operation Aurora event from China which hit Google and others in January, he said.

More widespread phishing attacks have used news events to hit users in vulnerable spots, he said, in particular right now, a series of social-engineering phishing emails, which purport to offer income tax rebates to UK residents.

Previous phishing scams have addressed news items such as the volcanic ash cloud and the Haiti earthquake – where phishers got four million downloads in ten days – and the launch of the iPad. Although most people are wise to them, enough still succumb to make it worth the villains’ while, said Day.

Fake AV, USB worms and spam

Another growth area is bogus security solutions, said Day: “That is the fourth most common submission we saw in the quarter. It’s a grey area, because people are downloading it and agreeing to pay money for it.” In some cases it’s software that is not fit for purpose, and sold on through third parties.

There’s an element of nostalgia in the top security threat of the quarter though, said Day. USB worms like Conficker “spread in the old style, through portable media.” This is finally going to make businesses listen to the “smarter people” who have been telling them to lock down USB drives for a long while, and at least turn off Autorun, he said. “Businesses have left this one because of the cost of user education, but now the tide is turning. We only change our behaviour when forced to do so.”

According to the report, spam email subjects vary greatly from country to country, with diploma spam [selling fake qualification certificates] on the rise out of China and other Asian countries. Other attacks included poisoned web searches, and new malicious URLs – usually hosted in the US.

One very interesting development, Day reports, is an apparent breach of the Captcha system that prevents robots abusing websites. According to a US newspaper report, an attacker managed to buy $29 million (£20m) worth of restricted tickets for Bruce Springsteen and other concerts by using a bot to buy them quicker than humans could.

For a copy of the Q1 2010 Threats Report, please visit McAfee.

Peter Judge

Peter Judge has been involved with tech B2B publishing in the UK for many years, working at Ziff-Davis, ZDNet, IDG and Reed. His main interests are networking security, mobility and cloud

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

3 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

3 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

3 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

4 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

4 days ago