7/26/2004
03:58 PM

McAfee: June Hack Tops So Far In 2004

The software security vendor's research and response team ranks the Download.Ject/Scob attack as the top threat during the first six months of the year.

While mass mailers continue to plague businesses and spyware is the big evil for consumers, the most serious threat in the first half of the year was the Download.Ject/Scob attack, which exploited still-unpatched vulnerabilities in Microsoft's Internet Explorer, McAfee said Monday.

McAfee's virus research and response team--dubbed Avert--ranked the Top 10 threats for the first six months of 2004, and put Download.Ject/Scob, a Trojan horse that infected Internet Explorer users' machines in a brief attack in late June, in the top spot. "At the time, [Download.Ject/Scob] seemed kind of minor, but once it got into networks, the impact was huge," Brian Mann, the outbreak manager for Avert, said in defending the ranking.

Avert also rated it tops, said Mann, as a kind of placeholder for the high number of attacks that use HTML code to move malicious code onto users' machines, as well as a way to spotlight the increasingly dangerous trend of behind-the-scenes attacks.

In the case of the Download.Ject/Scob Trojan, users were infected when they visited compromised servers running Microsoft's Internet Information Services software; vulnerabilities in their Internet Explorer browsers allowed the Trojan to open a back door and steal confidential information, all without users' knowing anything was afoot.

No. 2 on the hot list was VBS/Psyme, another Trojan that exploited a vulnerability in Internet Explorer. "The amount of different malware that uses these tactics is phenomenal," said Mann.

To come up with its Top 10 list, McAfee tallied the usual virus submissions by its clients, but also integrated factors such as customer impact--based on conversations with companies that use its anti-virus and security software--and whether the attacks exploit an unpatched vulnerability.

Three of the Top 10 are variations of the Netsky worm, which leaped to prominence early this year as it engaged in a tit-for-tat exchange with rival Bagle. "The war between the Bagle and Netsky authors caused a tremendous increase in the number of virus attacks seen this year," said Mann. Of the four worms on the list, three were Netsky.d, Netsky.p, and Netsky.q; the other was the original MyDoom.

Four of the Top 10 spots in McAfee's list were occupied by various adware and spyware threats, proof that this security risk category is serious, and not just a danger to consumers.

"Spyware is most definitely a problem for enterprises," said Mann. There the biggest concern is over possible loss of critical and confidential data, Mann continued. "They're worried about what spyware is delivering, what it's doing to their systems."

The rise in spyware's seriousness--60% of the malicious threats McAfee tracked during the first half of the year were what it dubbed "Potentially Unwanted Programs," which include spyware--is due to a number of factors, including better hacker technology, more virulent spyware, and devious tactics such as programs that automatically replace one uninstalled piece of spyware with another.

Overall, McAfee saw a continued increase in the number of security threats, and a dramatic climb in those it found worthy of watching. It counted a 20% increase in threats during the first half of 2004 compared with 2003, and had tagged more threats as "medium" or higher during 2004's first quarter than it did in all of 2003. "I've seen it from both the support side and the research side," Mann said, "and the increase of high-risk threats is just incredible."
