14 DAY TRIAL // ScanSafe, a renowned SaaS Security provider, has issued its second Quarter Global Threat Report. The results present a dark image of the Internet, with various fields were virus attacks and web malware numbers have risen considerably from Q1 results. From all the malware, the feared Gumblar botnet is dominating the online virus attacks with 14% from all malware attacks.
In the second quarter of 2009, web-transmitted malware has increased 36% from its Q1 value. This comes after a numerous family of new viruses has hit the web damaging PCs, stealing data and financial information.
In a similar Panda Security study, it was proven that about 52% of all new malware sticks around only four about 24 hours, trying to flood anti-virus and security companies with huge amounts of work, so real threats won't get noticed until it's too late or the damage has been done.
The ScanSafe report presents a bleak view of web attacks in Q2, Gumblar accounting for about 14% of all attacks. The botnet that infects web servers and web page visitors installing malcode on local PC files that later redirect users to fraudulent websites through Google peaked between mid-April and mid-May.
In that period, 88% of all Gumblar blocks at ScanSafe were from zero-day threat prevention technologies and only 12% from classic signature-based methodologies.
"The fact that the most serious threat of the year was not detectable by most standard antivirus signatures should serve as yet another wake up call to the security community," said Mary Landesman, senior security researcher at ScanSafe, about Gumblar. “The evasiveness and sophistication of the Gumblar threat has set quite a precedent for threats to come.“
Malware was constantly embedded in JPEG images, octet-streams and HTML code carrying out more than 60% of all attacks from this form. The top three malware types blocked between April and the start of July were iframe&exploit attacks (43%), backdoor & data-theft trojan attacks (28%) and general trojan infiltrations (17%).
The biggest increase since Q1 was recorded in data-theft trojans, a category that went up 37%, managing to place five different viruses in the top ten threats of Q2. Many of them can be remotely configured by attackers, adapting to targets, having the ability to sniff, intercept and modify network traffic.
