New criminal tactic takes advantage of users' concerns over security
Cyber criminals are sending out false security applications as users become more conscious of the need for safeguards, a leading provider of unified threat management solutions warns.
The tactic was highlighted in the latest report on the level of threats to systems by Fortinet. Malware W32/Multidr.JD!tr and HTML/Agent.HFZ!phish, disguised as security software Antivirus XP 2008 and XP Security Center, claimed the top two positions in Fortinet's top 10, accounting for nearly 20 per cent of suspect activities last month.
Rogue mass mailer Netsky was dislodged from its dominating spot by W32/Multidr.JD after a one-day onslaught late last month when it was sent to users disguised as a vital UPS document.
'Cyber criminals are clearly trying to take advantage of users' security concerns with an intense campaign for rogue security applications this past month,' said Derek Manky, security researcher for Fortinet.
'This is a popular, emerging area that provides a new social engineering approach - black hats posing as white hats.'
Fortinet's FortiGuard global security research team compiled this report based on data from FortiGate multithreat security systems in production worldwide.
The company said customers who used FortiGuard were already protected against the threats outlined in the report.
Other malware trends observed during this period included Virut.A, a persistent virus that infects executable files, which has been in the top five position for seven consecutive months. Though Mytob and Pushdo mass mailers were no longer on the top 10 list, experts warned they still remained a threat. Iframe traffic redirectors also remained a strong threat with indications that it could become more prevalent.
'Since Web-borne attacks are frequent and often involve hijacking and redirecting traffic through such Iframes, we will likely see this trend continue,' a report by FortiGuard stated.
