Trend Micro’s TrendLabsSM has released its latest roundup for the month of July 2010. Recognizing that attacks are now carried out using three primary vectors—email, Web, and file—I have drawn on some of the highlights from the past month.
The United States, Brazil, and India retained their positions as the top 3 spam-sending countries, a trend consistent with the previous two months. Both the United States and Brazil posted an increase in their spam numbers during the said months. India, meanwhile, posted a decline.
Top Phishing Targets
HSBC has become the top phishing target this month via email. It leaped from the bottom of the list to the top spot this July while PayPal remained part of the top 3 phishing targets. The full top 10 list can be found within the monthly report.
New Phishing Targets
Two new companies have been added to phishers’ list of targets, namely:
- ABN AMRO Bank N.V., a Dutch bank based in Amsterdam
- Banco Hipotecario Dominicano (BHD), a Big Four bank in the Dominican Republic
With malware threats persistently posing danger to users, TrendLabs consistently monitors the threat landscape. This month, ATM malware, botnets, and online gaming-related threats were particularly noteworthy.
The notorious KOOBFACE botnet also launched another notable attack this July using the old technique of sending out direct messages (DMs) via Facebook.
Two notable ZeuS/ZBOT malware were found this July—one targeting Russian banks and/or Yandex services, the other was TSPY_ZBOT.CQJ, which steals information by inserting malicious code into legitimate banking websites. The malicious code works when the said sites are viewed using Internet Explorer or Firefox.
The report also notes that the continued proliferation of online gaming threats has made the gaming sector a consistent cybercriminal target. This is particularly true in China where online gaming is very popular and where cybercriminals have created XWM, the popular Chinese Trojan kit.
User account information and credit card credentials reap good profits for cybercriminals. As such, cybercriminals continued to leverage on the widespread use of social networking sites, search engines, and redirectors this July. In the report, we detailed certain attacks and notable data points related to compromised sites.
Top Domain IP Addresses Blocked
The domains in the list have been found to be hosted in Ireland, the United States, Russia, China, Romania, and Japan.
Top URLs Blocked
These malicious URLs have been found to be hosted in Ireland, China, the United States, Germany, and Japan.
For the full report and analysis, visit the Threat Report section of TrendWatch.