Find White Papers
Home About Contact Help
Free Membership Member Login
Oct 8, 2008
View Popular Research Browse Topics Find Business Solutions RSS Feeds List Your Research
Search the Library                  Advanced Search

ESET Global Threat Report 2007

ESET
By : ESET
INFORMATION
Published : Jan 15, 2008
Length : 37
Type : White Paper
 
Download Now
Save for Later
  Email This Page
Overview :

As another year draws to a close, few can have failed to notice the plagues of malicious software, floods of fraudulent emails and the generally increased pestilence of our online world, marking out 2007 as one of the most remarkable in the history of malware. As you read this report, bear in mind that the information is not only limited to ESET’s own unique view, but also reflects what has happened globally over the past twelve months.

As with stocks and shares, past threat trends are not a sure predictor of future developments: however, we can be certain of one thing. Although the threats may change and new ones will appear, there will continue to be malicious software threats as long as there are computers to attack and exploit, and computer users to fall victim. Furthermore, as more platforms become mainstream, they will inevitably be used as a medium for exploitation.

Read this paper to learn more about the top malware threats in 2007.
View All Items By This Company
Browse Related Categories :

Anti Spam

,

Anti Virus

,

Hacker Detection

,

Internet Security

,

Intrusion Detection

,

Phishing
 
ESET’s product line has, traditionally, been focused on the detection and removal of viruses and other forms of malicious software, though you’ll notice as you read through this document that we do rather more than that, and that our product range is increasing in versatility. Still, the data resources that we’ve mined so as to bring you this summary are still focused on malware, so we won’t make more than a fleeting reference to other fascinating security-related phenomena and issues that have dominated this year, such as:
- The use of Acrobat PDF files and other graphics-friendly objects such as Excel spreadsheets in spam and scams, such as pump and dump fraud
- The rise of Microsoft’s Vista and some heated discussion about its security enhancements
- The increasing attention paid to Web 2.0 technologies (collaborative technologies and platforms, such as wikis, blogs, moodle and so on), to virtual worlds like Second Life, and to social networks like Facebook, MySpace, Ning, and LinkedIn by security specialists and blackhats alike
- The ongoing diversification and increasing sophistication of botnet technology and topology
- The continuing shift away from replicative malware (viruses and worms) to other forms of malware (backdoors, keyloggers, banking Trojans), and from hobbyist virus creation to professional crimeware development
- The recognition by anti-malware developers, researchers and testers that comparative testing and certification has to move away from testing with known malware to more demanding methodologies designed to test a product’s ability to make use of behavior analysis, heuristics and other forms of proactive and dynamic detection, rather than focusing entirely on malware-specific detection by signature.

To produce this summary, we’ve drawn on some of the data resources we use continuously to maintain and improve our product range. In particular, Virus Radar collects data on email-borne malware, while our ThreatSense.Net® technology automatically collects data on all sorts of incoming new and old threats trapped by our heuristics, and immediately forwards information to our Threat Laboratory. These data are primarily intended to give us an edge in the security market by allowing us to improve the detection capabilities of our products, so that we continue to detect not just known malware, but brand new threats, by continuing to improve our sophisticated proactive detection technologies. We hope that you’ll find this peek into the innards of our technology and what it’s picked up over the past 12 months interesting, informative and useful.

Proportion of Infected E-mails to Total Messages Monitored
Our figures indicate that out of a sample of 4,251.9 million messages monitored over the period from January 1st 2007 to December 10th 2007, 33.8 million messages carried malicious content such as a malware attachment or a link to a web site containing malicious code. Of course, we don’t monitor anywhere near all the e-mails sent all over the world, but that’s a large enough sample to give us some idea of what’s happening worldwide. Naturally, there are things we can’t measure: for instance, we don’t know how many infected messages were intercepted by other sensors before they reached the servers we monitor, but every vendor has that problem. Also, we can’t tell you what proportion of the uninfected messages are irritating but “harmless” spam that carries no overtly malicious content: that would require the deployment of quite a different set of tools, and even then, spamminess can’t be measured as precisely as malware content, because to some extent, spam is defined by the recipient, not by the security community.
The statistics do, however, reassure us that our proactive detection of new threats – either by their resemblance to known threats using generic signatures, or by sophisticated heuristic techniques that identify brand-new malware – remains as outstandingly effective as our customers have come to expect.

Threat Descriptions Win32/Stration
The Stration threat has been around since mid-2006. This mass mailing malware is used to send unsolicited e-mails (spam). It often arrives as an e-mail attachment and tries to disguise itself as a normal text file by modifying its own icon. We have seen variants of Stration that also used MSN Messenger or Skype to send out copies of themselves.
Search the Library                  Advanced Search
Today's Popular Reports This Weeks Most Popular Reports Most Popular Topics Vendor Directory Home
About Us Contact Us List Your Papers Partner With Us Site Map