Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

8/21/2007
08:18 AM
50%
50%

63% of Malware Distributed by US Sites

Cyveillance announced its latest 'Online Financial Fraud and Identity Theft Report'

ARLINGTON, Va. -- Cyveillance, the world leader in cyber intelligence, today announced its latest “Online Financial Fraud and Identity Theft Report.” The report indicates that United States-based Web surfers are more at risk to malware attacks and online identity theft schemes than citizens from other countries, with more than 63 percent of malware distributed on U.S.-based Web sites. In addition more than 2 million URLs world-wide distributed malicious downloads to site visitors. Cyveillance also determined that despite the rate of traditional phishing attacks leveling off, there was a 20% increase in the aggregate quantity of brands targeted, indicating that phishers continue to change targets. Since 2005 over 1,400 companies have been attacked.

Using intelligence collected through its comprehensive Internet monitoring, Cyveillance found that of the 284 brands targeted by phishing attacks for the first time during the second calendar quarter of 2007, more than 80 percent were U.S.-based financial institutions. These figures draw a distinct parallel to the total number of compromised credit cards found online, of which more than 80 percent were supplied by US issuers.

Malware distribution via the Web has evolved into a specialized “fraud chain” comprised of malware hosting sites, distribution sites and drop sites. China and the United States host 60 percent of sites where malware binaries are stored, while 63% of the sites being used to attract and distribute malware are hosted in the United States. The United States also hosts over 50 percent of the world’s malware drop sites, which collect information from infected computers that use keyloggers, screen scrapers and other approaches to passively harvest sensitive personal information.

“Through comprehensive Internet monitoring, our cyber intelligence analysts have seen a significant quarter over quarter increase in malicious online risks targeting U.S. citizens,” said Panos Anastassiadis, CEO of Cyveillance. “As Internet utilization rates continue to rise, the risks to organizations and consumers for data and identity theft grow exponentially. Understanding where these threats are coming from and who they are most likely to target goes a long way in proactively neutralizing these risks.”

Cyveillance

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...