Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Fortinet Announces Top Reported Threats for September 2007

  • 02 October, 2007 14:50

<p>Fortinet® – the pioneer and leading provider of unified threat management (UTM) solutions – today announced the top 10 most reported high-risk threats for September 2007. The report, compiled from all FortiGate™ multi-threat security systems in production worldwide, is a service of the Fortinet Global Security Research Team.</p>
<p>September 2007’s top 10 threats, as determined by the degree of prevalence are:</p>
<p>Rank Threat Name Threat Type % of Detections,
#1 Adware/CashOn Spyware 13.86%,
#2 W32/Netsky.P@mm Mass mailer 9.85%,
#3 HTML/Iframe_CID!exploit Exploit 7.30%,
#4 W32/ANI07.A!exploit Exploit 5.04%,
#5 HTML/Obscured!exploit Exploit 5.02%,
#6 W32/Dialer.PZ!tr Trojan 2.55%,
#7 W32/Grew.A!worm Worm 2.49%,
#8 W32/Bagle.DY@mm Mass mailer 2.30%,
#9 W32/Virut.fam Virus 2.06%,
#10 W32/Dloader.K!tr Trojan 1.98%.</p>
<p>The September top 10 highlights the following:
• CashOn reaches the top of the list this month, moving from last month's fourth place. The adware toolbar plugin has almost doubled in volume since August and is far ahead of the rest of the top 10 in terms of activity.
• Obscured!exploit continues to gain momentum, though not as fast as CashOn. This malware is part of the top ten for the second consecutive month with a 10 percent increase in its level of activity compared to August.</p>
<p>As stated earlier, the most notable threat in September’s top 10 is CashOn, an adware toolbar plugin that first made its mark on the list last month. The adware has experienced an activity increase of almost ten-fold within the last two months, achieving a 90 percent growth rate. Similar to last month, the FortiGuard Global Security Research Team noticed distribution peaks twice a week, specifically on Mondays and Wednesdays, with 99.8 percent of all activity primarily occurring in Korea.</p>
<p>CashOn is adware that can be installed without the user’s permission. Once downloaded or automatically ran through exploits, it becomes part of the user's Web browser. CashOn can hijack the browser's settings by changing configurations, such as the user's homepage. As a result, each time a user loads up his/her browser, he or she will be directed to the homepage of CashOn in Korea.</p>
<p>CashOn resides on a Korean top-level Web site domain and acts as a gateway to various other Korean-based shopping sites. An initial visit to CashOn's portal exposes the user to neatly displayed e-commerce sites offering low priced items. When the user clicks on the displayed links to other shopping sites, they are tracked so that any purchase can be traced back to CashOn. In fact, the various website URLs all target the same Korean locale and maintain stateful information so that CashOn can collect on all referrals that passed through.</p>
<p>“The financial outlook of a thriving e-commerce market, polluted by an adware like CashOn, is substantial. In order to make profits from this business, there is a need for exposure, which requires an effective seeding strategy. The dominant seeding of CashOn suggests that there may have been more players behind this distribution campaign, who are being compensated for their efforts to spread this adware at haste,” said Derek Manky, Fortinet security research engineer. “In turn, this could foreshadow the surface of another related variant or strain, raising an eyebrow to security concerns. Users need to continue to educate themselves on these types of threats to ensure that they have the necessary protection to guard against future outbreaks.”</p>
<p>To read the full September report, please visit For ongoing threat research, bookmark the FortiGuard Center ( or add it to your RSS feed by going to To learn more about FortiGuard Subscription Services, visit</p>
<p>About Fortinet (
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs: (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.</p>
<p># # #</p>
<p>Fortinet is a registered trademark of Fortinet, Inc. Fortinet, FortiGate, FortiOS, FortiAnalyzer, FortiASIC, FortiCare, FortiManager, FortiWiFi, FortiGuard, FortiClient, and FortiReporter are trademarks of the Fortinet, Inc. in the United States and/or other countries. All other trademarks referred to herein are the property of their respective owners.</p>

Most Popular