Gadgetell | Tech News, Reviews, and Interesting Things

According to Microsoft’s latest Security Intelligence Report for July through December 2007, web attacks are on the rise.

With more users becoming cautious about downloading and opening email attachments, hackers are now looking for new ways to “trick” users into downloading malware.  The most popular attack is the embedding of malware into websites, especially through banner advertisements. In fact, adware has increased by 66 percent. The most common type of malware removed by Microsoft’s Malicious Software Removal Tool (MSRT) are Trojan horses, which disguise themselves as innocent software but contain hidden malicious code within—which can be used to create a back door or collect personal information, for example. Microsoft reports that the number of Trojan horses has exploded by 300 percent during the second half of 2007. In all, the software giant says that the number of malicious software removed by its MSRT has increased by 40 percent. Another attack gaining popularity is phishing, which is the act of tricking users into visiting a legitimate looking website and entering their personal information (e.g., social security and credit card numbers), only to have it stolen and/or sold to a third party.

Interestingly, a lost or stolen computer is the most common security breach, which accounted for 57 percent of the total number of breaches. Exploits, malicious software, and hacking accounted for 13 percent for the second half of 2007 (23 percent for the entire year). However, there is some slightly good news. The number vulnerabilities related to Microsoft products has fallen 15 percent in the second half of 2007; resulting in an overall 5 percent drop in the total number of vulnerabilities for the entire year.

Other interesting tidbits include:

• 129.5 million pieces of potentially unwanted software were detected between July 1 and December 31 2007, resulting in 71.7 million removals. These figures represent increases of 66.7% in total detections and 55.4% in removals over the first half of 2007.
• Once a largely e-mail based phenomenon, phishing attempts are increasingly being posted to social networks, exploiting the trust that victims place in these networks and in the social contacts with whom they have connected through them.
• The most prevalent rogue security software detected in the second half of 2007 was Win32/Winfixer, with more than five times as many detections as any other single family. Winfixer (an Internet and Windows Explorer toolbar) displays erroneous alerts warning of severe system threats. The program then offers to remove the erroneous detections for a fee. These warnings appear under multiple false product names in several different language versions.
• The top potentially unwanted software family detected in the second half of 2007 was Win32/Hotbar. Win32/Hotbar installs a dynamic toolbar in Internet Explorer and Windows Explorer and delivers targeted pop-up ads based on its monitoring of Webbrowsing activity. The toolbar appears in Internet Explorer and Windows Explorer. The toolbar contains buttons that can change depending on the current Web page and keywords on the page. Clicking a button on the toolbar may open an advertiser Web site or paid search site. Hotbar also installs graphical skins for Internet Explorer, Outlook, and Outlook Express. Win32/Hotbar may collect user-related information and may silently download and run updates or other code from its servers.

Read [CNET]