Threats in May: Playstation Breach – Password Reset Attack Looming; INF/Autorun – Top-ranking Global and European Malware

Next story

INF/Autorun, according to the statistical information from ThreatSense.Net, yet again wins the spot of the top most ranked global threat in May 2011 with 6.58 percent of occurrence. The second most wide-spread malware globally turned to be, for several months now, Win32/Conficker with a 3.61 percent share, followed by yet another old-timer Win32/PSW.OnlineGames with 1.92%.Last month in cyberspace, Sony PlayStation Network/Qriocity Service breach continued to hit the news with most of the users changing their passwords. Sony has not reported whether credit card details were breached, which has resulted in many people cancelling credit cards used in conjunction with their Sony accounts. “However, the insidious threat that many people may miss is the compromise of the answers to password reset questions. That was some of the data that was reportedly compromised in the breach, and has perpetual consequences if you do not change your security reset answers on other sites as well,” says Randy Abrams, Director of Technical Education at ESET.The way the password reset attack works is that a hacker tries to log into users account. It may be an email account, a social networking account, a blogging account, or another type of online account. The hacker clicks the link for “I forgot my password” and is challenged with security questions. Having obtained the answers from the Sony data breach, the hacker knows the answers to the reset questions “He is then able to commandeer your accounts, depending on the mechanism that particular sites use in conjunction with the security challenge questions,” says Abrams.Global Threats According to ESET ThreatSense.Net® (May 2011) /><strong>About ThreatSense.Net®</strong>ThreatSense.Net® is ESET’s in-the-cloud malware collection system utilizing data from users of ESET solutions worldwide. This continual streaming of information provides ESET Virus Lab specialists with a real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors and patterns serves ESET to fine-tune all heuristic and signature updates ̶ to protect its users against tomorrow’s threats.<hr> <h3>About ESET</h3> <p>Founded in 1992, ESET is a global provider of security solutions for businesses and consumers. The Company pioneered, and continues to lead, the industry in proactive threat detection. ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin "<em>VB100</em>” Awards, and has never missed a single “<em>In-the-Wild</em>” worm or virus since the inception of testing in 1998. ESET NOD32 Antivirus, ESET Smart Security and ESET Cybersecurity for Mac are trusted by millions of global users and are among the most recommended security solutions in the world.</p> <p>The Company has global headquarters in Bratislava (Slovakia), with regional distribution headquarters in San Diego (U.S.), Buenos Aires (Argentina), and Singapore. ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Prague (Czech Republic), Krakow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network in 180 countries.</p> </p>