Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/29/2011
04:15 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Russia Leapfrogs USA As World Leader For Malware

Kaspersky Lab has released its monthly spam report for May 2011

Abingdon, UK, 29 June 2011 – Kaspersky Lab has released its monthly spam report for May 2011, which shows the volume of spam in email traffic increased 2.1 per cent, when compared with the previous month, making up on average 80.8 per cent of the total. A reduction of phishing messages was also noted, while the share of postings containing malware increased.

In May, spammers actively used current hot topics in the news to deceive users. In particular, a surge in the number of messages was detected exploiting the news of the death of Osama bin Laden. Such messages contained malicious files as well as links to legitimate payware.

News of the death was even used in the emails of the so-called Nigerian scammers. The trick they used to attempt to extract funds generally stayed the same: the scammers request payment of a small sum with the promise of being returned a much bigger sum in the future. It is worthwhile noting that instead of traditional requests for ‘help’, these new email scams threaten users by saying that their accounts can be frozen due to the suspicion that they are connected with terrorism.

In terms of regional change, Russia has become the world leader in terms of the quantity of malware found in emails detected by antivirus programs, replacing the USA, where the quantity of infected emails received fell by 3.5 per cent. The most widespread malware distributed via email was the Trojan-Spy program Trojan-Spy.HTML.Fraud.gen. Worms like Email-Worm.Win32.Mydoom.m, Email-Worm.Win32.Bagle.gt and Email-Worm.Win32.NetSky.q all remained high in the ratings, while newcomers included two Trojan-Downloader.Win32.FraudLoad Trojans. This type of program installs fake antivirus programs on PCs.

The most marked changes took place in the ratings of web services attacked the most with the use of phishing emails. 4.67 per cent of all phishing emails were intended to steal passwords for the popular free online game RuneScape. As a result, this platform made its debut in the top-ten straight in at No. 3 - way ahead of World of Warcraft - the most popular online game in the world. RuneScape is also of interest to cybercriminals, as it has access to user details of the popular social networking site, Facebook. The overall leader in the rating remained the payment system PayPal, which saw a small rise in the number of phishing emails (23.28 per cent on the figure for April 2011).

The full version of spam activity for May 2011 is available on the site: http://www.securelist.com.

-ENDS-

Kaspersky Lab Newsroom

Kaspersky Lab has launched a new online newsroom, Kaspersky Lab Newsroom Europe (http://newsroom.kaspersky.eu/en), for journalists throughout Europe. The newsroom is specifically designed to serve many of the media’s most common requests, making it easier for journalists to find product and corporate information, facts and figures, editorial copy, images, videos and audio files, as well as details about the appropriate PR contacts.

About Kaspersky Lab

Kaspersky Lab is the largest antivirus company in Europe. It delivers some of the world’s most immediate protection against IT security threats, including viruses, spyware, crimeware, hackers, phishing, and spam. The company is ranked among the world’s top four vendors of security solutions for endpoint users. Kaspersky Lab products provide superior detection rates and one of the industry’s fastest outbreak response times for home users, SMBs, large enterprises and the mobile computing environment. Kaspersky' technology is also used worldwide inside the products and services of the industry’s leading IT security solution providers. Learn more at www.kaspersky.co.uk. For the latest on antivirus, anti-spyware, anti-spam and other IT security issues and trends, visit http://www.securelist.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27218
PUBLISHED: 2020-11-28
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
CVE-2020-29367
PUBLISHED: 2020-11-27
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
CVE-2020-26245
PUBLISHED: 2020-11-27
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
CVE-2017-15682
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683
PUBLISHED: 2020-11-27
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.