Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    April 2015
    S M T W T F S
    « Mar    
  • Email Subscription

  • About Us

    5:00 am (UTC-7)   |    by

    As 2010 comes to a close, here’s a list of the riskiest items we encountered in the past year:

    • Hardware: The riskiest hardware device used in 2010 was the German identification card reader. These cards contain encoded private information such as fingerprints. Unfortunately, the information on them can be quite easily stolen by using certain card readers.
    • Website software: The riskiest software used by websites in 2010 was the popular blogging platform WordPress. Tens of thousands of unpatched WordPress blogs were used by cybercriminals for various schemes, primarily as part of redirection chains that led to various malware attacks or other blackhat search engine optimization (SEO)-related schemes.
    • IP: The most dangerous IP used in 2010 was Internet Relay Chat (IRC). Thirty percent of all botnets used IRC to communicate with infected machines and their command-and-control (C&C) servers. Fortunately, blocking IRC use in networks reliably stops botnets.
    • OS: The riskiest OS used was Apple’s Mac OS X. In November, Apple sent users a massive maintenance release that weighed in at at least 644.48MB. The weighty upgrade included fixes for multiple security vulnerabilities since the previous update released in mid-June. Apple’s penchant for secrecy and longer patch cycles also increased the risk for users.
    • Website: The most dangerous website in the world was Google. Its tremendous popularity led cybercriminals to target it specifically for blackhat SEO-related schemes, which in turn, led users to significant malware threats, particularly FAKEAV. In addition, Google’s ad network was also frequently victimized by malvertisements.
    • Social network: In another case wherein popularity led to danger, Facebook could be considered the most dangerous social networking site around. Everything from survey scams to KOOBFACE malware proliferation ensued on the site, as cybercriminals went where the people were, that is, Facebook.
    • Top-level domain: The most dangerous top-level domain in the world was CO.CC, which allowed cybercriminals to register thousands of domains on the fly with very little in the way of verification. This, along with Russian ISPs that routinely refused to shut down malicious sites, made for a very dangerous combination.
    • File format: PDF was the riskiest file format in 2010, as Adobe Acrobat and Reader vulnerabilities routinely became part of exploit toolkits.
    • Runtime environment: The most dangerous runtime environment for users in 2010 was Internet Explorer (IE) with scripting enabled. Even today, most browser exploits specifically target IE. However, Java is quickly becoming a more prominent target and could become the prime target in 2011.
    • Infection channel: The most common infection channel was still the browser, as more than two-thirds of all infections used this as infection vector. Previous infection methods like flash disks and spammed messages were still around but were less prominent than before.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    • Patrick

      TreX wrote:
      It is typical for a Windows user to have to reformat the hard disk every year or so to get rid of malware…

      TreX that only applies to users who have hit thier heads on something. Since 1994, I have reformatted twice. Once to replace the Dell installation on my AMD X2 with a clean Windows install. The second, ditto for my new AMD X3.

    • dE

      Apple at least cares to fix the updates, MS dudes don't even care… they just care money. There are tons more security vulnerabilities in Win that ain't even known. Why will a crackers revile it? Why will anyone revile it in the money minded developer community of MS? They wanna get paid for every character they code and end up making rubbish software in the process.

      BTW, why do you think Trend Micro will even write Windows here… to make MS slaves like you quit Windows and leave and dump their shiny 'antivirus' software?

    • Pingback: Google, Facebook Top 2010 Most Dangerous List | GovCon Executive()

    • Pingback: WTF : Top 10 chez Trend Micro… |

    • kompix

      @trex, why don't you get the facts yourself before you post your comment. saying that Mac users do not have to worry about security stuff when apple indeed sent users a massive maintenance release weighing 644.48MB is just hilarious… you don't know anything about security, do you?


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice