ESET Releases May Global Threat Report
ESET today announced that, according to the statistical information from ThreatSense.Net, INF/Autorun yet again wins the spot of the top most ranked global threat in May 2011 with 6.58 percent of occurrence. The second most wide-spread malware globally turned to be, for several months now, Win32/Conficker with a 3.61 percent share, followed by yet another old-timer Win32/PSW.OnlineGames with 1.92%.
Last month in cyberspace, Sony PlayStation Network/Qriocity Service breach continued to hit the news with most of the users changing their passwords. Sony has not reported whether credit card details were breached, which has resulted in many people cancelling credit cards used in conjunction with their Sony accounts. "However, the insidious threat that many people may miss is the compromise of the answers to password reset questions. That was some of the data that was reportedly compromised in the breach, and has perpetual consequences if you do not change your security reset answers on other sites as well," says Randy Abrams, Director of Technical Education at ESET.
The way the password reset attack works is that a hacker tries to log into users account. It may be an email account, a social networking account, a blogging account, or another type of online account. The hacker clicks the link for "I forgot my password" and is challenged with security questions. Having obtained the answers from the Sony data breach, the hacker now knows the answers to the reset questions, and, "He is then able to commandeer your accounts, depending on the mechanism that particular sites use in conjunction with the security challenge questions," says Abrams.
Global Threats According to ESET ThreatSense.Net® (May 2011)
Based on ThreatSense.Net, ESET's cloud-based malware collection system, INF/Autorun was listed as the top global threat in May. It is a label that describes a variety of malware using the autorun.inf file as a way to compromise a PC. This file contains information on programs meant to run automatically when removable media (often USB flash drives) are accessed by a Windows PC user. The Win32/Conficker is a network worm originally propagated by exploiting a recent vulnerability in the Windows operating system. Win32/PSW.OnLineGames represents a family of trojans used in phishing attacks aimed specifically at gamers: this type of trojan comes with keylogging and (sometimes) rootkit capabilities which gather information related to online games and credentials of participants.
On ESET's threastcape top five, both in Europe and globally, is HTML/StartPage - a trojan which tries to promote certain websites by modifying the window's registry. The program code of the malware is usually embedded in HTML pages. The aim of this malware is to change the website that is first opened when running Microsoft Internet Explorer (only affected browser). In this way, it promotes a specific website, increasing hits and consequently profit, for the site's creator.
EUROPE, MIDDLE EAST, AFRICA (EMEA)
INF/Autorun returned to top position in European threat statistics with the overall 5.67 percent prevalence. It was the top malware in Romania (8.4%), Poland (7.83%), Israel (6.45%), Ukraine (5.14%) or Austria (4.67%). Win32/Conficker has also placed in top spots in most of the EMEA countries, registering the highest level of occurrence in Bulgaria (5.76%). In the overall European statistics with 2.98 percent, it ranked number three.
European number two on the stats, HTML/StartPage.NAE was the top threat in Turkey (12.93%) and one of the top threats in Spain (3.94%). Finally, JS/Redirector has topped the malware stats in the United Kingdom (3.82%) and Sweden (5.09%) as well as other countries.
Threats in Europe According to ESET ThreatSense.Net® (May 2011)
The full copy of the May 2011 ESET Global Threat Report can be found at: http://www.eset.com/us/resources/threat-trends/Global_Threat_Trends_May_2011.pdf
ThreatSense.Net® is ESET's in-the-cloud malware collection system utilizing data from users of ESET solutions worldwide. This continual streaming of information provides ESET Virus Lab specialists with a real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns serves ESET to fine-tune all heuristic and signature updates to protect its users against tomorrow's threats.
ESET is on the forefront of security innovation, delivering trusted protection to make the Internet safer for businesses and consumers. IDC has recognized ESET as a top five corporate anti-malware vendor and one of the fastest growing companies in its category. Trusted by millions of users worldwide, ESET is one of the most recommended security solutions in the world. ESET NOD32 Antivirus consistently achieves the highest accolades in all types of comparative testing, and powers the virus and spyware detection in ESET Smart Security and ESET Cybersecurity for Mac. Sold in more than 180 countries, ESET's global headquarters is in Bratislava, Slovakia, with distribution headquarters for North America located in San Diego, California. ESET also has offices in Buenos Aires, Prague, Krakow and Singapore and is represented by an extensive global partner network. For more information, visit http://www.eset.com/ or call +1 (619) 876-5400.