Trend Micro has released its Threat Report for the first half of the year. The report focuses on the global trends in online threats that we have seen.
Europe became the largest source of spam globally in the first half of the year. Contrary to what some would believe, pornographic mail make up only 4 percent of all spam. Commercial, scam-based, and pharmaceutical/medical spam accounted for 65 percent of the total number of spam worldwide. HTML spam was the most common kind of spam.
We saw significant growth in the number of malicious URLs, which increased from 1.5 billion at the start of the year to over 3.5 billion by June. North America was the leading source of these while Asia/Pacific was the region with the most number of attempts to access these sites. The top URLs blocked by Trend Micro were adult websites.
Trojans accounted for about 60 percent of the new patterns TrendLabs created in the first half of the year. Overall, 53 percent of the overall number of detections consist of Trojans. The majority of Trojans lead to data-stealing malware. Backdoors and crimeware/data-stealing malware came in second and third places.
India and Brazil were identified as the countries with the greatest number of computers that became part of botnets. These bots are used to distribute malware, to perpetrate criminal attacks, and to send out spam.
Trends in Targeted Industries
The education sector was the most targeted industry vertical in the first half of 2010. Nearly half of all malware infections occurred within schools and universities. Here, IT and security staff face the challenge of securing complex, distributed, and diverse infrastructures that support students who are not likely to follow security measures. The government and technology sectors followed, each tracking 10 percent of all malware infections.
ZeuS and KOOBFACE Continue to Be Threats
The ZeuS and KOOBFACE malware families were among the most prolific in the first half of the year. ZeuS is primarily a malware kit designed to steal users’ online banking login credentials and other personal data. Hundreds of new ZeuS variants are seen by Trend Micro every day and this is not likely to change in the near future.
Meanwhile, the KOOBFACE botnet has become the largest social networking threat to date. In the early part of this year, TrendLabs experts noted that the KOOBFACE gang was continuously updating their botnet—changing the botnet’s architecture, introducing new component binaries, and merging the botnet’s functions with other binaries. They also began encrypting their command-and-control (C&C) communications to avoid monitoring and takedown by security researchers and the authorities.
Vulnerabilities Increase in Number
Vulnerabilities in applications have always been a part of the security landscape. In the first half of 2010, a total of 2,552 vulnerabilities were reported to the Common Vulnerabilities and Exposures (CVE) database. Several more have only been privately reported to vendors and have not been published externally.
These vulnerabilities facilitated “drive-by” threats wherein all that is necessary to become infected is to visit a compromised website. Servers are coming under attack as well with cybercriminals exploiting unpatched vulnerabilities. While this may be more difficult than compromising a single user system, the potential reward for cybercriminals is greater.
The Trend Micro™ Smart Protection Network™ provides the infrastructure behind many Trend Micro products and delivers advanced protection, blocking threats in real-time. Currently, the Smart Protection Network sees 45 billion queries every 24 hours while blocking 5 billion threats and processing 2.5TB of data on a daily basis. On average, 80 million users are connected to the network each day.
The full threat report can be found on TrendWatch under the Threat Reports section.