Cyberoam announced the October 2013 Internet Threats Trend Report, prepared in collaboration with its partner, Commtouch. Report throws light on some recent web malware and spam trends of the third quarter (July-September 2013).
Exploitation of trending news items is no new thing in the cyber threat world. Over the time exploitation of such current/real-time news has grown. According to the threat trends of Q3, there was a faster and more advanced use of real-time malware campaigns. The primary observation derived of these campaigns was that the time between the news event and the related malware attack has steadily decreased throughout the year. As for the trend on these real-time campaigns: They’ve got faster.
In March 2013, when the new Pope was elected, the first malware attacks began after 55 hours. In April 2013, after the Boston Marathon bombing, it took 27 hours to see the first related attacks exploiting interest in the event. The new average time to exploit news events for malware distribution now averages to only 22 hours.
Few other examples of the real-time malware campaigns in Q3 include the news of royal baby Prince George, NSA whistleblower Edward Snowden, and the Syria crisis. Examples such as the Syria-related campaign in September show that spammers are not waiting around – the attacks spring faster than the news of the event.
The average number of daily phishing sites tracked in Commtouch’s GlobalView database increased by nearly 35% in Q3. PayPal phishing sites alone accounted for approximately 750 new phishing sites each day.
The Q3 Internet Threats Trend report also reports the detection of numerous repeating email-malware campaigns in Q3, as seen by Commtouch Security Labs. As usual, the emails and notifications were sent in the name of big companies and brands, but included a malicious email attachment and in some cases, also a link to an infected website. The brands used in the attacks included Apple, Burger King, KFC, Walmart, UPS, DPD, MoneyGram and so on.
Other highlights from the October 2013 report included details about the categories of websites that were most likely to be compromised with malware. Travel websites topped this list of ten. The report also talks about the Mobile malware and top 5 most commonly seen Android threats. In addition to these, details on Q3 trends related to Email Malware, Spam Trends, Spam Topics, Email Zombies and more, are also covered in the report.