Risk
8/3/2010
09:50 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Google Has Two Times More Malware Than Bing, Yahoo, Twitter Combined

Barracuda Networks issues midyear security report

Campbell, Calif. (July 28, 2010) – Barracuda Networks Inc., a leading provider of content security, data protection and application delivery solutions, today released its Barracuda Labs 2010 Midyear Security Report, revealing data from two key areas: search engine malware and Twitter use and crime rate. The company is presenting this data at Security BSides Las Vegas and DefCON 18 this week in Las Vegas. The full report is available at the company’s security research portal at http://barracudalabs.com.

Searching for Malware Barracuda Labs conducted a study across Bing, Google, Twitter and Yahoo!, over a roughly two-month period. The analysis reviews more than 25,000 trending topics and nearly 5.5 million search results. The purpose of the study was to analyze trending topics on popular search engines to understand the scope of the problem and to identify the types of topics used by malware distributors. The results will be presented at DefCON 18 on Saturday, July 31, at 11:00 a.m. PT, at the Riviera Hotel & Casino.

Key highlights from the search engine study include:

* Overall, Google takes the crown for malware distribution – turning up more than twice the amount of malware as Bing, Twitter and Yahoo! combined when searches on popular trending topics were performed. Google presents at 69 percent; Yahoo! at 18 percent; Bing at 12 percent; and Twitter at one percent. * The average amount of time for a trending topic to appear on one of the major search engines after appearing on Twitter varies tremendously: 1.2 days for Google, 4.3 days for Bing, and 4.8 days for Yahoo! * Over half of the malware found was between the hours of 4:00 a.m. and 10:00 a.m. GMT. * The top 10 terms used by malware distributors include the name of a NFL player, three actresses, a Playboy Playmate and a college student who faked his way into Harvard.

The Darkside of Twitter Barracuda Labs analyzed more than 25 million Twitter accounts, both legitimate and malicious. The purpose of this part of the study was to measure and analyze account behavior on Twitter in order to model normal user behavior and identify features that are strong indicators of illegitimate account use. The study reviews several key areas including True Twitter Users1, Twitter Crime Rate2, and Tweet Number3. The results will be presented at Security Bsides Las Vegas on Wednesday, July 28, at 3:00 p.m. PT, at the 2810 Resort.

Key highlights from the Twitter research include:

* In general, activity is increasing on Twitter: more users are coming online; True Twitter Users are tweeting more often, and even casual users are becoming more active. As users become more active, the malicious activity also increases. * Only 28.87 percent of Twitter users are actual True Twitter Users. * Half of Twitter users tweet less than once a day, yet one in 10 users tweet five or more times a day and 30 percent of Twitter accounts have never tweeted. * One in every eight Twitter users has at least 10 times more followers than they are following. * Only one in 10 users is following more than 100 users, and almost half are following less than five. * The Twitter Crime Rate for the first half of 2010 was 1.67 percent.

“Our study shows that attackers have serious efforts devoted towards getting in front of the billions of eyeballs that are using search engines everyday and the millions of users that are connecting on social networks like Twitter,” said Dr. Paul Judge, chief research officer and VP at Barracuda Networks. “Therefore, we continue to analyze their approaches and build new techniques to find them and protect users.”

To review the complete Barracuda Labs 2010 Midyear Security Report and the company’s security portal, please visit http://barracudalabs.com.

About Barracuda Networks Inc. Barracuda Networks Inc. combines premises-based gateways and software, virtual appliances, cloud services, and sophisticated remote support to deliver comprehensive content security, data protection and application delivery solutions. The company’s expansive product portfolio includes offerings for protection against email, Web and IM threats as well as products that improve application delivery and network access, message archiving, backup and data protection. Coca-Cola, FedEx, Harvard University, IBM, L'Oreal, and Europcar are among the more than 100,000 organizations protecting their IT infrastructures with Barracuda Networks’ range of affordable, easy-to-deploy and manage solutions. Barracuda Networks is privately held with its International headquarters in Campbell, Calif. For more information, please visit www.barracudanetworks.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6306
Published: 2014-08-22
Unspecified vulnerability on IBM Power 7 Systems 740 before 740.70 01Ax740_121, 760 before 760.40 Ax760_078, and 770 before 770.30 01Ax770_062 allows local users to gain Service Processor privileges via unknown vectors.

CVE-2014-0232
Published: 2014-08-22
Multiple cross-site scripting (XSS) vulnerabilities in framework/common/webcommon/includes/messages.ftl in Apache OFBiz 11.04.01 before 11.04.05 and 12.04.01 before 12.04.04 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, which are not properly handled in a (1)...

CVE-2014-3525
Published: 2014-08-22
Unspecified vulnerability in Apache Traffic Server 4.2.1.1 and 5.x before 5.0.1 has unknown impact and attack vectors, possibly related to health checks.

CVE-2014-3563
Published: 2014-08-22
Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

CVE-2014-3594
Published: 2014-08-22
Cross-site scripting (XSS) vulnerability in the Host Aggregates interface in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-3 allows remote administrators to inject arbitrary web script or HTML via a new host aggregate name.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Three interviews on critical embedded systems and security, recorded at Black Hat 2014 in Las Vegas.