2010's Most Dangerous List | Trend Micro

May 2013
S	M	T	W	T	F	S
« Apr
	1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

Dec29

2010 in Review: 2010′s Most Dangerous List

5:00 am (UTC-7) | by Martin Roesler (Director for Threat Research)

As 2010 comes to a close, here’s a list of the riskiest items we encountered in the past year:

Hardware: The riskiest hardware device used in 2010 was the German identification card reader. These cards contain encoded private information such as fingerprints. Unfortunately, the information on them can be quite easily stolen by using certain card readers.
Website software: The riskiest software used by websites in 2010 was the popular blogging platform WordPress. Tens of thousands of unpatched WordPress blogs were used by cybercriminals for various schemes, primarily as part of redirection chains that led to various malware attacks or other blackhat search engine optimization (SEO)-related schemes.
IP: The most dangerous IP used in 2010 was Internet Relay Chat (IRC). Thirty percent of all botnets used IRC to communicate with infected machines and their command-and-control (C&C) servers. Fortunately, blocking IRC use in networks reliably stops botnets.
OS: The riskiest OS used was Apple’s Mac OS X. In November, Apple sent users a massive maintenance release that weighed in at at least 644.48MB. The weighty upgrade included fixes for multiple security vulnerabilities since the previous update released in mid-June. Apple’s penchant for secrecy and longer patch cycles also increased the risk for users.
Website: The most dangerous website in the world was Google. Its tremendous popularity led cybercriminals to target it specifically for blackhat SEO-related schemes, which in turn, led users to significant malware threats, particularly FAKEAV. In addition, Google’s ad network was also frequently victimized by malvertisements.
Social network: In another case wherein popularity led to danger, Facebook could be considered the most dangerous social networking site around. Everything from survey scams to KOOBFACE malware proliferation ensued on the site, as cybercriminals went where the people were, that is, Facebook.
Top-level domain: The most dangerous top-level domain in the world was CO.CC, which allowed cybercriminals to register thousands of domains on the fly with very little in the way of verification. This, along with Russian ISPs that routinely refused to shut down malicious sites, made for a very dangerous combination.
File format: PDF was the riskiest file format in 2010, as Adobe Acrobat and Reader vulnerabilities routinely became part of exploit toolkits.
Runtime environment: The most dangerous runtime environment for users in 2010 was Internet Explorer (IE) with scripting enabled. Even today, most browser exploits specifically target IE. However, Java is quickly becoming a more prominent target and could become the prime target in 2011.
Infection channel: The most common infection channel was still the browser, as more than two-thirds of all infections used this as infection vector. Previous infection methods like flash disks and spammed messages were still around but were less prominent than before.

Share this article

This entry was posted on Wednesday, December 29th, 2010 at 5:00 am and is filed under Bad Sites . Both comments and pings are currently closed.

Pingback: WordPress Blog Claims WordPress Is The Riskiest Web Software? | Chrome9
Pingback: Social Media Marketing HQ | Learn Social Media From the Industry's Brightest Minds » WordPress Blog Claims WordPress Is The Riskiest Web Software?
Chris

To second many points above, this list seems poorly written, ill researched and generally put together to create fear to sell software.

You can't just say things are dangerous because idiots use them! You could say a Ferrari is the worlds most dangerous car because it can go so fast. But in the right hands it's a whole lot less dangerous than a Vauxhall Nova driven by a drunk boy racer. And there's a lot less chance for the boy racer to get his hands on the Ferrari.

Better research and stats to back up the list in future might make it worth reading.
Alan G

@TreX: I've known a lot of computer users over the years — several hundred. Most of them run Windows, a few have Macs. Once in fifteen years I've seen an idiot who had Windows updates turned off, ran no anti-malware, and for him there was no salvaging his system. In more than 25 years on DOS and Windows, I've not once had a virus, trojan, keylogger or other malware. Less than 5 people — all very uneducated — out of hundreds I've known and worked with have ever had to combat a malware infestation.

The unquestioning acceptance of Apple's PR and marketing that your post exhibits is a bit scary. You should not let other people do your thinking for you, especially when they are being paid to make you think a certain way. Find out for yourself. Go look. And don't forget: a fixed idea is as good as a blindfold.
Alleged_Accomplice

Anything is dangerous in the wrong hands. When I first got a computer in 98 I could be had for any price. Now I know I can get anything I want without the hassles, viruses, trojans and everything else I used to go through just to get something I wanted online. Knowing where to look and not look, paying attention to the warning given off by my browser and my anti virus. I had back then ignored warnings at times and paid the price.

I've been thinking lately that maybe teaching new users how to get to the things they want in a safe way would be a good idea. These things aren't always legal like stolen content or all that good, porn. As it is they go through the same cycle I did and infect themselves and others in the process until they learn where to get what they are after without getting something they aren't after.

The biggest name anti virus software isn't the best for many users. They are well known and hackers have learned to beat them. They are made for complete idiots to use, they don't take into account the fact that some idiots are incomplete, have many missing parts like I used to.

Facebook I won't go into except to say its all about becoming famous for absolutely nothing and people will never stop wanting that.
Pingback: عَ سريع » جوجل والوردبريس والفيس بوك في قائمة “الأكثر خطورة” لعام 2010
http://craftingfromtheheart.com/ Denise

Use a good browser, use tools to prevent unwanted scripts from running, use a good anti-virus program and keep it updated, and don't click on every link you see just because it "looks" interesting. Don't download any program unless you get it from the publisher, and you check out the reviews for said publisher.
Pingback: The Most Dangerous Tech Items Of 2010 | PCMech
Pingback: Top 10 des technos à risques en 2010 | 1 jour 1 post
Pingback: Listado de las amenazas más peligrosas durante 2010 » blog.trendmicro.es
Michel Vasic

Hum. Not sure you remember how risk is evaluated.

Risk = impact x probability.

Probabilities is usually linked to the popularity of a platform more than to the number of vulnerabilities of that platform. Have 1 "zero-day vulnerability" on Windows/IE and it will be used immediately by exploits. Have 10 on Mac OS, no exploit will appear.
So applying the formula fairly will certainly rate Microsoft Windows higher than Apple’s Mac OS X in terms of risky platform.
Afgan

Trex what a ham you are to think Mac is safe and windows is not i have run windows and mac and 1. have not had to format my hdd in the windows machine every year as i dont visit hack sites or software piracy sites or facebook i dont get infected. thus use the machine with a good virus software and you wont be virused.
2. my mac has had exploits and have had to reinstall the OS… no virus software there is there.
dont "fact" us unless you know the facts.
Rob

Secondly, have you ever tried to diagnose a malware infected Mac? For everyone who thinks there isn't any, wake up. I have now cleaned 2 Macs after being ridden with viruses. I have also had to format 1 of these same macs because a hacker had compromised the system, and was attempting to pull cookie data from safari. Macs users without antivirus software can also send virus ridden messages to windows machines unwittingly. (Admittingly not as common now as it used to be.)

In any case, it's time that Apple started paying attention and patching their systems on a more regular basis, and for users to get off the holier-than-thou mentality. I'm not saying there's not 14million more viruses for windows, but the Mac has never been a super-secure system. It's simply been to small to bother targeting. As that changes, we'll continue to see more attacks and compromises of Apple systems. So TreX…

"Get the facts!!"
Rob

Actually Michael, that's not a bad idea. I routinely block all smtp traffic leaving my network that doesn't originate from my mail server. I get complaints that user's POP accounts don't work, but my IPs don't get blacklisted when the user's hit with a spambot!
Pingback: جوجل والوردبريس والفيسبوك في قائمة الأكثر خطورة لعام 2010
http://intraordinaire.com/ michel v

Let's stop spam by blocking SMTP on our networks too, while we're at it.

Serious business.
Pingback: Top 10 des technos à risques en 2010
Pingback: Trend Micro Asia Pacific Newsletters Library - 2010 in Review: 2010′s Most Dangerous List
Pingback: Google é apontado como um dos sites mais perigosos de 2010 | F2 - Sistemas
Pingback: Lo peor del 2010 | JuandaBIT
Pingback: Google é um dos sites mais perigosos de 2010 | F2 - Sistemas
Pingback: Colobe IT Solution-Leonardo » Blog Archive » Google é um dos sites mais perigosos de 2010
Pingback: Mac OS X は危ない OS « やっぱりマックでしょ！
http://rhftech.com Richard

Topping the list of "2010's Most Dangerous List" should be uneducated and ignorant computer users.
Pingback: Google tops list of web’s most dangerous « new media monthly
Michael Ch’ng

However your blog is using wordpress as well… Is that is failed action ?
DWalla

Must……. sell…….. software……..

Must……. create…… fear…….

Mac users….. aren't you afraid?….. let us soothe your fears for $49.95
Anon

This is nothing but poorly filtered data not taking into account the user levels and popularity of the systems being used.

I'm really surprised that you've fallen foul of one of the most basic aspects of mining and filtering statistical data.
Google might be the most dangerous search engine, simply because it has such a large share of the market.
It's like suggesting driving is more dangerous than parachuting simply because more people do it!

Shame on you for being so ridiculous.
Pingback: BuddeBlog » Blog Archive » ICT’s dangerous items listBuddeBlog
Pingback: Google foi o site mais perigoso de 2010
http://mindsharestrategy.com Eric

While I appreciate the risk list, I question its accuracy. You list WordPress as the "riskiest website software" because people were running unpatched, insecure versions. That would be like listing Schlage as the riskiest door locks because people's houses were broken into when they left their doors unlocked.

There's a significant difference between software that's risky by nature, and software that becomes risky when the user fails to maintain it.
Pingback: WordPress As Riskiest Web Software In 2010 « Weblog Tools Collection
Pingback: 2010 in Review: 2010′s Most Dangerous List | Threat Trend Security News
Pingback: Mac OS X crowned most dangerous OS in 2010 – DRS | Derangedshaman.com
Pingback: Najopasniji Mac OS X | BalkanCafe
Pingback: Najopasniji operativni sistem Mac OS X | Republika
TreX

The worst malware is called Microsoft, and includes Windows, Internet Explorer, Outlook, etc.

Windows has almost 85,000 viruses reported and growing each day.

Mac has virtually no viruses, besides the concept ones, which do not exist in the wild.

It is typical for a Windows user to have to reformat the hard disk every year or so to get rid of malware. And that is a real pain, since it means re-installing every application from scratch.

Mac users do not have to worry about all that. It just works!

Get the facts!
Pingback: Google и WordPress са най-опасните сайтове в света за 2010 г. | NewTrend.bg
Pingback: Is OS X Dangerous For Users?
Pingback: What were the greatest risks online in 2010? | ListFree.org
Pingback: What were the greatest risks online in 2010? | We Watch Your Website - so you don't have to!
Pingback: Google was the world’s most dangerous website in 2010 | roboword
Pingback: جوجل من أخطر المواقع سنة 2010 | عالم جوجل
Pingback: ‘Site Google Gevaarlijkste site ter Wereld’ |
Pingback: The Most Dangerous OS: Mac OS X | ConceivablyTech
Pingback: Google was the world’s most dangerous website in 2010
Pingback: Google was world’s most dangerous website in 2010
Pingback: [EN] Hardware, aplicaciones y servicios más vulnerables del 2010

TrendLabs Malware Blog

Trend Micro

Targeted Attacks

Mobile

Recent Posts

Calendar