14 DAY TRIAL // August has passed and a lot of security experts have been writing reviews on the threats of the month. One of the best reports I've seen was made by the Sophos researchers. I gotta hand it to 'em, they really did a nice job. In any case, I was looking at the rankings of the roughest and toughest web-based malware and the first one on the list is Mal/Iframe ("Mal" stands for "Malicious behavior").
Mal/Iframe-F is the name given by Sophos anti-virus products for HTML files that attempt to run malicious files. This will only affect Windows. If you've read security news in August, then you have noticed that many sites have been attacked with this. Actually, about 48 percent of malware reports have been regarding this particular threat. The second place is held by another Mal/ but this time, it's ObfJS-A, this one doesn't do any damage by itself, but it downloads more malware that is bound to actually do something bad. The first trojan in the top is only ranked third and it's called Decdec-A. This will download more code while trying to hide its functions upon scanning.
Those were just a few examples of web-based malware, but August wasn't just about that. There were also a lot of email-borne threats, out of which I mention Netsky, Zafi and Mytob, all three being worms. Actually, out of the first ten, 7 were worms, while only 2 were trojans and one was a malicous behavior.
Other than that, August has been plague by spam and Internet-based scams (the most famous being the Hotmail hoax), just like the rest of the year, I guess. The PDF spam level dropped, but none the less, spam went sky high, let's not forget that no matter if the Chinese are in the Year of the Pig, we, net users are in the Year of the Bot!