My Bitdefender
  • 0 Shopping Cart

Press Center

December 2009

BitDefender Malware and Spam Survey Finds E-Threats Shifting with International Current Events and the Rising Popularity of Web 2.0

Cybercriminals continue to find creative means of distribution in the second half of 2009

Malware writers have preserved their focus on web-based attacks while actively looking for new methods to disseminate their products, according to BitDefender, an award-winning provider of innovative anti-malware security solutions. Today, BitDefender released the results of its malware and spam survey from July through December 2009, showing an increase in a wide range of threats, from the exploitation of international news events to higher levels of spam being disseminated through social networking platforms aiming to curb marketing costs in a down economy.

Malware Threats in Review

Over the last six months, malware writers have continued their efforts to infect computer users in order to receive direct financial gain and/or to seize control over their machines.Trojan.Clicker.CM holds as the number one e-threat for the second half of the year. It▓s used to force advertisements inside the users▓ browsers when visiting grey area websites (such as porn websites or services offering ⌠warez■ software). The alarming infection rate reveals that malware authors are driven by profit, while cyber-criminals are motivated by pay-per-click fraud.

Along with the already ⌠traditional■ Trojan.Clicker.CM infections, Win32.Worm.Downadup has been one of the most notorious e-threats of the past six months. Malware authors▓ top choice of distributing their e-threats remains the web, but Autorun-based techniques have been rapidly gaining ground. By default, every removable storage device features an autorun.ini script that instructs the computer on which file to execute when the medium is plugged in. However, malware authors frequently tamper with the file to make it launch miscellaneous malicious applications. Although extremely useful for non-technical computer users, the feature has been completely discarded in Windows Vista SP2 and Windows 7 in order to prevent infections.

⌠In the second half of 2009, we saw international events such as the advent of the H1N1 Swine Flu exploited to their full extent by malware authors in order to launch new infections,■ said Vlad VБlceanu, Head of BitDefender Antispam Research Lab. ⌠As cybercriminals continue to look for ways to enhance their e-threats, now more than ever, it▓s essential for computer users to make sure they have a security solution in place that can provide them with advanced, proactive protection.■

During the last six months the most active countries in terms of malware propagation were China, France and the United States, followed by Australia (up one place from the first half of 2009), Romania (also up one place) and Spain (down one place).

World▓s Top 10 Malware from July-December 2009
01. Trojan.Clicker.CM 8.97%
02. Trojan.AutorunINF.Gen 8.41%
03. Trojan.Wimad.Gen.1 4.41%
04. Win32.Worm.Downadup.Gen 4.13%
05. Exploit.PDF-JS.Gen 3.39%
06. Win32.Sality.OG 2.60%
07. Trojan.Autorun.AET 1.97%
08. Worm.Autorun.VHG 1.59%
09. Trojan.JS.PYV 1.50%
10. Exploit.SWF.Gen 1.47%


Spam Trends in Second Half of 2009

During the second half of 2009, the spam landscape has remained relatively unchanged, with the Canadian Pharmacy positioned as top worldwide spammer. Most of the messages advertised sexual enhancement products such as alternative replacements for Cialis, Viagra and Levitra. This is an extremely lucrative field of spam, mostly because the products ordered via Canadian Pharmacy webshops never make it to the customer, who is often too ashamed to report these issues to the authorities. More than that, these online payments are extremely risky, since the spammer has access to the used credit card details and can draw any amount of money at will.

Spam messages account for 88.9 percent of the total amount of electronic messages sent worldwide. Text-based messages are the most frequently encountered form of spam, while image-based spam is extremely rare, with only 2.3 √ 2.5 percent. The average size of a spam message is 3.5 Kb, although their size usually varies from 2 Kb to 9 Kb, depending on the approach.

In the second half of 2009, spammers have especially exploited international or national media events to lure their victims into opening the messages. One of the most important spam campaigns was launched after the controversial death of pop-star Michael Jackson. Back in July, BitDefender identified multiple spam waves allegedly offering more info on Michael Jackson▓s unknown killer, but actually carrying sexual enhancement drug ads and malware.

The Top 10 list for the second half of 2009▓s most advocated content through e-mail spam includes:

1 Medicine Spam
2 Phishing Links
3 Product Spam/Knockoff
4 Malware Attached
5 Software/OEM
6 Loan/Insurance
7 Employment
8 Education
9 Pornography (non dating)
10 Dating

Web 2.0 Threats

Spamming is also a common practice among Web 2.0 service users, such as social networking. While Twitter and Facebook have imposed strict policies on spamming, some other social network services have barely taken into account this possibility. For instance, the professional network LinkedIn has become the favorite playground for people and organizations offering miscellaneous services. Spammers attempt to join users▓ professional networks and then bomb them with messages advertising their products or services.

During the past six months, BitDefender has identified multiple variations of LinkedIn spam - a warning sign showing that the precarious state of the global economy pushes more and more providers into abusively marketing their services via social networks.
While spam and phishing sum up almost 80 percent of the e-threats related to social networks, worms exploiting large platforms have rapidly escalated. During the last six months of 2009, numerous families of worms have been pestering the largest social networks such as Twitter, MySpace and Facebook.

Initially spotted on August 2008, the Koobface worm has been one of the most active and destructive e-threats affecting social networking platforms. The cyber-criminal team behind the worm has released multiple variants of it in order to extend their reach with multiple social networking services. The viral infections took most of the platforms by surprise and the damage inflicted to users was beyond imagination, disabling some of the commercially-available antivirus utilities and exporting sensitive data such as e-banking credentials and IM passwords to a remote location. The infection technique was simple yet efficient: the worm used compromised accounts to lure friends into clicking the infected links.

The Phishing Landscape

Compared to the first half of 2009, the amount of phishing messages has remained relatively unchanged, although phishers have switched their focus to institutions that could bring them the most profit in the shortest timeframe. Primary targets are PayPal, Visa and eBay, followed by HSBC, American Express and Abbey Bank. Ally Bank and Bank of America rank last with a little over one percent of the total amount of phishing messages. These messages mostly target English-speaking computer users who are using the services of at least one of the institutions previously mentioned.

BitDefender Labs found that most web 2.0 phishing attempts in the first half of 2009 relied on social engineering schemes and speculated user naivety. The Twitter Porn Name scam is a good example. Users were invited to reveal their first pet name, as well as the first street on which they lived. These names are usually employed as backup/security questions. An e-crook possessing a person▓s username along with these ⌠clues■ can easily retrieve a password that he or she can later employ to access the account and send spam, access transactions, or use the account in whatever way necessary to make a profit, including demanding a ransom for release of the hijacked account.

⌠2009 witnessed a wide range of security threats aiming at both end-users and at corporate networks,■ VБlceanu commented. ⌠Extra caution and a highly-rated antimalware solution with antispam, antiphishing and antimalware modules are a must-have for anyone surfing the web in 2010.■

For more information on this survey, please visit http://download.bitdefender.com/resources/files/Main/file/H2-2009-Malware-and-Spam-Review-final.pdf

To stay up-to-date on the latest e-threats, sign-up for BitDefender▓s RSS feeds.


* * *

About Bitdefender®
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified internet security software. The company is an industry pioneer, introducing and developing award-winning protection since 2001. Today, Bitdefender technology secures the digital experience of 400 million home and corporate users across the globe.

Top international testing organizations and world-renowned software reviewers acknowledge Bitdefender as a provider of the world’s most effective antimalware solutions. In January 2014, Bitdefender won top honors from AV-TEST, becoming the first solution to win “Best Protection” and “Best Performance” simultaneously. Bitdefender has also confirmed its industry leadership status with titles including “Best Antivirus of 2014” and two Editor’s Choice awards from PCMAG, and 2013 Editor’s Choice from CNET.

For more information about Bitdefender products, visit the security press room. Bitdefender also publishes the HOTforSecurity blog, with stories from the underworld of internet fraud, scams and malicious software.


test

Bitdefender E-Threats Landscape Reports

The purpose of this report is to provide a comprehensive investigation of the threats’ landscape. Bitdefender’s security experts thoroughly analyze and examine the menaces of the each semester, focusing on software vulnerabilities and exploits, different types of malware, as well as countermeasures, cyber crime prevention and law enforcement. The E-Threats Landscape Report concentrates mainly on the latest trends, but it also contains facts and data and concerning the previously investigated periods, as well as several predictions related to the upcoming semesters. This document is primarily intended for IT&C System’s Security Managers, System and Network Administrators, Security Technology Developers, Analysts, and Researchers, but it also addresses issues pertaining to a broader audience, like small organizations or individual users concerned about the safety and integrity of their networks and systems.

H2 2012 E-Threat Landscape Report - Overview

For the first half of the year, zero-day vulnerabilities played an essential role in disseminating malware with exploit packs as a favorite vector of infection. The dangerous zero-day exploit in the Java Runtime Environment (CVE-2012-4681) was documented and proof of concept was added to Metasploit, which became public knowledge before a fix was made available.

As a direct result, three billion devices running Java were vulnerable to remote code exploitation for roughly 48 hours. A second exploit hit in September and targeted Internet Explorer 9. Successful exploitation would allow remote compromise of the system with the installation of the Poison Ivy backdoor. Both zero-day exploits were used in advanced persistent attacks.

2012 saw fluctuations in the amount of junk e-mail as a proportion of e-mail traffic. The year began with a slight decrease in spam e-mails, but spam constantly gained ground towards the middle of the year. According to data gathered from the Bitdefender Antispam lab, the second half saw growth again, with small variations towards the end of 2012. The increase in the number of junk e-mails was nonetheless minor, by only 5%, leading to a rough value of 73% of the total number of e-mails sent worldwide.

Download now the full H2 2012 E Threat Landscape Report (pdf)

Download now the overview H2 2012 E Threat Landscape Executive Summary (pdf)


Archive

2012
Download now H1 2012 E Threat Landscape Report (pdf)

2011
Download now H1 2011 E-Threats Landscape Report - Executive Summary (pdf)
Download now H2 2011 E-Threat Landscape Report (pdf)
Download now H2 2011 E-Threat Landscape Report - Executive Summary (pdf)

2010
Download now H2 2010 E-Threats Landscape Report - Executive Summary (pdf)
Download now H2 2010 E-Threats Landscape Report (pdf)
Download now H1 2010 E-Threats Landscape Report - Executive Summary (pdf)
Download now H1 2010 E-Threats Landscape Report (pdf)

2009
Download now H1 2009 Malware and Spam Review Executive Summary (pdf)
Download now H1 2009 E-Threats Landscape Report (pdf)
Download now H2 2009 Malware and Spam Review (pdf)
Download now H2 2009 E-Threats Landscape Report - Executive Summary (pdf)

2008
Download now H1 2008 E-Threats Landscape Report (pdf)
Download now H2 2008 E-Threats Landscape Report (pdf)

White Papers

Welcome to the Bitdefender Photo Gallery

Bitdefender is the creator of award-winning, internationally certified Internet Security and Antivirus software.

Since its inception in 2001, Bitdefender has continued to raise the bar to set new standards in proactive threat prevention and virus removal, in many cases leading the way in the best Internet security detection techniques to prevent the spread of malicious threats.

Thanks to its first-class products and state of the art technologies, the company rapidly expanded into a worldwide leader. Bitdefender made its entrance on the international market when opening offices in the UK, USA, Germany, France and Spain, as well as establishing strategic partnerships and a local presence in over 100 countries globally.

By the end of 2009, Bitdefender was protecting millions of users globally and had established trusted use of our technology with household names like IBM and Virgin Media through strategic partnerships.

2011 brought a pivotal change in Bitdefender’s company philosophy, as the organization embraced a new corporate identity. It was also a year of success, as the company’s consumer products were the first in years to be voted the #1 choice (in terms of internet security) by three of the most important independent testing organizations in the world.

The new image acts as a binder between the company’s roots and its future. One thing has remained unchanged: Bitdefender’s capacity of delivering top antivirus products. Bitdefender provides the best antivirus solutions using the same award-winning technology for consumers and for corporate networks, from the small business right through to the global enterprise, protecting all endpoints.

The Bitdefender proprietary technologies, based on innovative ideas and leading trends in the information security industry, continue to be internationally recognized as the best Internet security software. The independent organizations which reward our outstanding results through numerous prizes and certifications are: Av-Test.org, Virus Bulletin, ICSA Lab, Checkmark, PC World Top 100, just to name but a few.

Bitdefender strives to constantly develop technology to stay one step ahead in offering our customers the best antivirus detection, combined with flexible usability and performance.

BRAND STORY

Who we are – under the sign of the Wolf

Who are we? We’re a sublime alloy of intelligence, strength and willpower. We have the sharp mind of the wolf and the sleekness of the dragon, the vigilance of the alpha-male and the indestructibility of the snake’s body. We are a unique combination of symbols that fight on Good’s side.

Half wolf. Half dragon. The Dacian Wolf was carried into battle by soldiers defending their territories in ancient times. It created fear in the opposition, and built confidence in those who carried it.

We are now the bearers of this symbol that transcends time. While the battlefield has changed, its spirit lives on. We are the defenders of the new digital world. We are AWAKE, always on guard—protecting more than 400 million users across the globe with our award-winning technologies.

Judging by its looks, the Bitdefender brand avatar borrows the spirit of our fearless ancestors. It also adds a modern layer to our historical heritage, by bringing the Bitdefender quintessence into the equation.
Bitdefender is perfectly adapted to today's combat requirements. It possesses the necessary skills to win the digital warfare that is going on inside computer networks all over the world.

The logo is a sleek, simplified representation of the brand avatar, while "AWAKE" means we’re always on guard, always ready to step in for the safety of the user.

Our purpose

We are here to defend the welfare of all users, no matter the platform, the nature of the user nor the magnitude of the challenge.
We will do whatever it takes to keep computer users safe from harm and help the Good prevail.
Always.

Catalin Cosoi

Catalin Cosoi

Chief Security Strategist

Alexandru Catalin Cosoi is Bitdefender's Chief Security Strategist, tasked with energizing and publicizing the company's technological progress.

Catalin specializes in pattern extraction and recognition technologies, with an accent on neural networks and clustering algorithms. His technical achievements have so far materialized in four granted patents and a series of classification technologies being implemented mostly in Bitdefender software. As a consequence of his interests, he is also pursuing a PhD in natural language processing.

He lists his professional goals as "gaining a Nobel prize and achieving clinical immortality", is married and lives in Bucharest, Romania at the rare times when his job isn't sending him around the globe.

Bogdan Botezatu

Bogdan Botezatu

Sr. e-Threat Analyst

Bogdan Botezatu (born 1983 in Romania) is a computer security expert and editor of HOTforSecurity.com. He has a strong background in computer networking and antimalware research .

Bogdan Botezatu is Senior e-threat analyst for Bitdefender. He has worked for the Romanian provider of innovative antivirus solutions since 2007. His areas of expertise are cyberwarfare , mobile and social networks malware.

As Senior e-threat analyst, he was part of the teams that developed the Bitdefender USB Immunizer and Bitdefender Removal Tools . More than that, he was the author of Malware History , an overview of the most notable developments in the malware landscape, Securing Wireless Networks , that provides tips and tricks on how to shield your home network from intruders, and Safe Blogging Guide , that highlights key recommendations on how to keep your blog and identity safe.

Bogdan Botezatu has spoken at various computer security conferences around the world, including IPEXPO , DefCAMP and international seminars, such as “Current Methods for Combating Cybercrime”, organized by IMPACT Alliance.

Before joining Bitdefender he has activated as system administrator at the Alexandru Ioan Cuza University of Iasi, where he supervised the implementation of IT functions in the educational sector for non-IT-related specialties.

Who to ask? Below you have a list of all of our media representatives who are ready to answer any question you might have.



Marius Buterchi
PR Manager
US
+40 212 063 470
publicrelations[at]bitdefender[dot]com



Catalin Cosoi
Chief Security Strategist
Head of Communications
+40 212 063 470
publicrelations[at]bitdefender[dot]com



Andrei Taflan
Global PR Manager
+40 212 063 470
publicrelations[at]bitdefender[dot]com