Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Trend Micro’s TrendLabsSM has released its latest roundup for the month of July 2010. Recognizing that attacks are now carried out using three primary vectors—email, Web, and file—I have drawn on some of the highlights from the past month.


    The United States, Brazil, and India retained their positions as the top 3 spam-sending countries, a trend consistent with the previous two months. Both the United States and Brazil posted an increase in their spam numbers during the said months. India, meanwhile, posted a decline.

    Top Phishing Targets

    HSBC has become the top phishing target this month via email. It leaped from the bottom of the list to the top spot this July while PayPal remained part of the top 3 phishing targets. The full top 10 list can be found within the monthly report.

    New Phishing Targets

    Two new companies have been added to phishers’ list of targets, namely:

    1. ABN AMRO Bank N.V., a Dutch bank based in Amsterdam
    2. Banco Hipotecario Dominicano (BHD), a Big Four bank in the Dominican Republic


    With malware threats persistently posing danger to users, TrendLabs consistently monitors the threat landscape. This month, ATM malware, botnets, and online gaming-related threats were particularly noteworthy.

    The notorious KOOBFACE botnet also launched another notable attack this July using the old technique of sending out direct messages (DMs) via Facebook.

    Two notable ZeuS/ZBOT malware were found this July—one targeting Russian banks and/or Yandex services, the other was TSPY_ZBOT.CQJ, which steals information by inserting malicious code into legitimate banking websites. The malicious code works when the said sites are viewed using Internet Explorer or Firefox.

    The report also notes that the continued proliferation of online gaming threats has made the gaming sector a consistent cybercriminal target. This is particularly true in China where online gaming is very popular and where cybercriminals have created XWM, the popular Chinese Trojan kit.

    Web Threats

    User account information and credit card credentials reap good profits for cybercriminals. As such, cybercriminals continued to leverage on the widespread use of social networking sites, search engines, and redirectors this July. In the report, we detailed certain attacks and notable data points related to compromised sites.

    Top Domain IP Addresses Blocked

    The domains in the list have been found to be hosted in Ireland, the United States, Russia, China, Romania, and Japan.

    • bid.<blocked>.net
    • cdn4.<blocked>
    • delivery.<blocked>
    • dt.tongji.<blocked>
    • hot1.x<blocked>
    • linux1<blocked>
    • pic.s139.c<blocked>
    • traffic<blocked>
    • z0g7<blocked>
    • z.ali<blocked>.com

    Top URLs Blocked

    These malicious URLs have been found to be hosted in Ireland, China, the United States, Germany, and Japan.

    • bid.<blocked>.net:80/json/
    • dt.tongji.<blocked>
    • cdn4.spec<blocked>.net:80/img/qa1.swf/
    • delivery.<blocked>
    • z.ali<blocked>.com:80/alimama.php/
    • linux1<blocked>
    • hot1.x<blocked>.info:80/pic.php/
    • linux106.m<blocked>
    • ad.globe7.<blocked>:80/iframe3/

    For the full report and analysis, visit the Threat Report section of TrendWatch.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice