Malware threats double in first three months of year

Malware threats more than doubled in the first three months of the year, said internet security firm Sophos.

Malware threats more than doubled in the first three months of the year, said internet security firm Sophos.

In the first quarter of 2007, Sophos identified 23,864 new threats - more than double the number found in the same period last year when the company identified 9,450, causing concern for security bosses.

At the same time, the percentage of infected email has dropped from 1.3%, or one in 77 emails in the first three months of 2006, to one in 256, or just 0.4 percent in 2007.

But from January to the end of March, Sophos identified an average of 5,000 new infected webpages every day, indicating that this route to infection is becoming more popular with cybercriminals. 

With computer users becoming increasingly aware of how to protect against email-aware viruses and malware, hackers have turned to the web as their preferred vector of attack, said Sophos.

Not all of the infected websites were created by the hackers themselves. Sophos has found that the majority
- 70% - were bonafide websites that were vulnerable to attack because they were unpatched, poorly coded or had not been maintained by their owners. 

The most high profile website infection of the quarter happened in February, when hackers placed malicious script, identified as Mal/Packer on the official Miami Dolphins website. 

The American football team was due to host the Super Bowl the weekend after this happened, so its site was an extremely popular destination for web surfers at the time. 

The top ten malware families hosted on websites in the first three months of
2007 were as follows:

  1. Troj/Fujif         50.8%
  2. Troj/Ifradv        12.1%
  3. Troj/Decdec        10.4%
  4. Mal/Packer          6.3%
  5. JS/EncIFra          5.5%
  6. Mal/FunDF           2.3%
  7. Mal/Psyme           2.2%
  8. Troj/Zlob           2.0%
  9. Mal/Behav           1.2%
 10. Mal/DelpBanc        0.4%
 Others              6.8%

UK outside spammers' 'dirty dozen'>>

Preventing malware with tools and security education>>

NASA hacker loses US extradition appeal>>

Miami Dophins>>



Read more on IT risk management