Fortinet Announces Top Reported Threats for May 07
Press Release
Fortinet Announces Top Reported Threats for May 2007
Sydney, 5th June 2007 – Fortinet® – the pioneer and leading provider of unified threat management (UTM) solutions – today announced the top 10 most reported high-risk threats for May 2007. The report, compiled from all FortiGate™ multi-threat security systems in production worldwide, is a service of the Fortinet Global Security Research Team.
May 2007’s top 10 threats, as determined by the degree of prevalence, are:

| Rank | Threat Name | Threat Type | % of Detections |
|------|-------------|-------------|-----------------|
| 1 | W32/Dialer.PZ!tr | Dialer | 9.66 |
| 2 | W32/Bagle.DY@mm | Mass mailer | 7.43 |
| 3 | W32/Netsky.P@mm | Mass mailer | 7.15 |
| 4 | HTML/BankFraud.E!phish | Phish | 6.54 |
| 5 | HTML/Iframe_CID!exploit | Exploit | 5.97 |
| 6 | W32/Sober.AA@mm | Mass mailer | 5.52 |
| 7 | W32/Stration.JQ@mm | Mass mailer | 4.15 |
| 8 | W32/ANI07.A!exploit | Exploit | 3.68 |
| 9 | W32/Grew.A!worm | Worm | 3.20 |
| 10 | W32/Bagle.GT@mm | Mass mailer | 2.73 |

Though phishing threats topped the list in past malware reports, Fortinet threat researchers reported something rather unique in May with the strong surge of W32/Dialer.PZ!tr. This marked the first time that a malware threat combining a bot and a dialer showed such high activity, reaching the top position of Fortinet’s threat list.
W32/Dialer.PZ!tr is designed to dial premium long distance numbers; however, like all bots, it may also download, execute and upgrade components. W32/Dialer.PZ!tr was primarily reported throughout Mexico and the United States, with Europe and Africa being the destination locations for the calls. Because the malware requires an analog modem for dialing, it can be assumed that cyber criminals targeted Mexico due to the country’s high use of dial-up modems, and the United States for its high population. Malware such as this, in which a bot embeds a dialer, is particularly rare, and within this category the volume of W32/Dialer.PZ!tr is unprecedented. Fortinet threat researchers believe the introduction of this malware can possibly be linked to the rise of bots and the global DSL-ization of personal Internet connections, which also triggered the extinction of the dialers.
Other notable malware in May included a resurgence of the well-known mass mailer Sober in the form of W32/Sober.AA@mm, which showed its highest level of activity since January 2006. Additionally, as in the previous month, W32/Stration.JQ was also active, with a large amount of activity occurring during the last part of the month.
To read the full Fortinet FortiGuard™ Malware Report for May, please visit http://www.fortiguardcenter.com/reports/roundup_may_2007.html. For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.
About Fortinet (www.fortinet.com)
Fortinet is the pioneer and leading provider of ASIC-accelerated multi-threat security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and antispam--providing customers a way to protect against multiple threats as well as blended threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified eight times over by the ICSA (firewall, antivirus, IPSec, SSL, IPS, client antivirus detection, cleaning and antispyware). Fortinet is privately held and based in Sunnyvale, California.
# # #
Fortinet is a registered trademark of Fortinet, Inc. Fortinet, FortiGate, FortiOS, FortiAnalyzer, FortiASIC, FortiCare, FortiManager, FortiWiFi, FortiGuard, FortiClient, and FortiReporter are trademarks of Fortinet, Inc. in the United States and/or other countries. All other trademarks referred to herein are the property of their respective owners.
ENDS