Exploit activity typically runs at a rate of 30 to 40 percent, according to Fortinet's newly released January 2011 Threat Landscape report. Close to half of "critical" vulnerabilities were exploited by attackers, the report found.
"It is no secret that software vulnerabilities continue to be disclosed in large numbers on an ongoing basis -- especially critically rated ones," said Derek Manky, senior security strategist at Fortinet's FortiGuard Labs. "Hackers are sinking their teeth into unprotected systems, thanks to readily available exploit code and attack frameworks that support these new vulnerabilities. Since they are freshly disclosed, not everyone may have up-to-date signatures or proper patches in place."
Virut is especially difficult because it contains a bot component, he said in his post. "FortiGuard Labs observed Virut downloading other botnets (VBCF) -- meaning an infected system would soon have multiple pieces of malware in place. Virut is one of the most persistent botnets we see today, since it is tough to remove from an infected system, uses a public IRC domain (has not been taken offline during its four-year run), and has hybrid spreading capabilities."