Norman issues security analysis report for the first half of 2010
Press release
Oslo, Norway – 6. July 2010 – Norman, a leading security innovator serving single desktops to complex corporate and government networks, today issued a security analysis report detailing trends on the top security internet threats for 2010.
Norman noted that cyber criminals are putting increasing emphasis on using social media platforms like Facebook and Twitter as effective spread mechanisms for malware. In the past, they put nearly all of their efforts into compromising PC operating systems.
On example of social media malware making a mark in the first half of 2010 is W32/Koobface. Malware in the W32/Koobface family first appeared in 2008, became widespread during 2009, and continued to be a major threat to Facebook users in the first half of 2010.
A computer infected by Koobface, automatically sends messages with malicious links to the computer owner's contacts on various social networking sites. The worm will search through cookies on the computer looking for login credentials for various social networking sites. Using the information gathered from the cookies, the worm connects to these sites and starts sending messages to friends and contacts.
Norman also noted that fake antivirus programs continued to plague many home PC users. Rogue antimalware programs have been around for a long time. In recent years however, they have become increasingly widespread, and represent a major problem for those that get infected. These programs are usually quite difficult to get rid of, as they often consist of many different malicious elements .
Rogue antimalware programs' most used spreading mechanism is drive-by infections from visiting web sites. One popular technique is to manipulate search engines to display results from web sites that are infected by fake antimalware. One focuses on "hot" search words, which might be big media events and other issues that people usually search for. New, non-planned events are those that are best suited for search engine manipulation.
Of course, tried and true malware like Conficker is still kicking around and should not be taken lightly. The Conficker worm first appeared near the end of 2008, and the Conficker family of worms reached its peak in 2009. However, it was still a major problem for many users during the first half of 2010.
W32/Conficker exists in several variants and is a network propagating worm that has the ability to update itself by downloads from the Internet. These downloads are from a subset of servers chosen by the worm from a very large set of generated potential download servers.
The complete Norman analysis report for 2010 is available at http://www.norman.com/security_center/security_center_archive/2010/84466/en
For more information, contact:
Øivind Barbo, Product Marketing Manager, tlf +47 920 14 666
