Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.

Fortinet Announces Top Reported Threats for November 2007

  • 04 December, 2007 18:33

<p>Fortinet® – the pioneer and leading provider of unified threat management (UTM) solutions – today announced the top 10 most reported high-risk threats for November 2007. The report, compiled from all FortiGate™ multi-threat security systems in production worldwide, is a service of Fortinet’s FortiGuard Global Security Research Team.
November 2007’s top 10 threats, as determined by the degree of prevalence are:</p>
<p>#1 W32/Netsky!similar Mass mailer 10.87%,
#2 HTML/Iframe_CID!exploit Exploit 8.21%,
#3 HTML/Clicker.AC!tr Trojan 6.60%,
#4 W32/ANI07.A!exploit Exploit 5.14%,
#5 W32/Stration.JQ@mm Mass mailer 3.11%,
#6 W32/MyTob.CJ@mm Mass mailer 2.42%,
#7 W32/Bagle.DY@mm Mass mailer 2.25%,
#8 W32/Grew.A!worm Worm 2.09%,
#9 Adware/TCent Adware 1.86%,
#10 Adware/Bdsearch Adware 1.71%.</p>
<p>The November top 10 highlights the following:</p>
<p>• The beginning of the holiday season led to the arrival of two new adware, TCent and Bdsearch, which reached the top ten for the first time this month. Meanwhile, Clicker.AC, which bypasses code to prevent browser pop-ups, claimed a solid third place.</p>
<p>• Mass mailers dominated the top ten in November, remaining a strong threat. Netsky!similar represents the highest volume detected this month with 10.87 percent of the overall reported activity, whereas mass mailer MyTob.CJ, which first reached the top ten in October, and Bagle.DY maintained their level of activity and respectively reached the sixth and seventh positions.</p>
<p>• Stration.JQ, absent from the monthly top ten since June, was back in force as November came to a close, jumping into fifth place from last month's 57th position.</p>
<p>For this holiday season, Fortinet security researchers not only reported a general increase in malicious online advertising – with the emergence of new adware such as TCent and Bdsearch – but also an increase in the sophistication of Internet threats in general.</p>
<p>Clicker.AC, for instance, has code that is specifically designed to bypass browsers’ pop-up blocking technology, which is supposed to block pop-up advertisements. Users who have pop-up blocking enabled should be suspicious if their browsers still display pop-ups. Clicker.AC “anti-anti-popup” technology is a good example of how pop-up generators and pop-up blockers are engaged in an arms race, much like spam filters and spam generators.
Such malware can however be stopped by advanced antivirus solutions, such as the features found in Fortinet’s UTM appliances, which will detect and block Clicker.AC before it attempts to circumvent the computer’s pop-up blocking features.</p>
<p>Another example of the increasing sophistication of malware is Stration.JQ, which relies on an advanced social engineering strategy based on dual attachments. While the email received by end users aims at misleading them by providing instructions for personal account access, the innovation lays in the attachments: an “authorization module”, which is in fact Stration.JQ, coupled with a PDF attachment containing financial information such as an invoice, a fee analysis, etc. The content of the email and PDF are both intended to stir the user’s curiosity and make the request sound legitimate, therefore tremendously increasing the click-through rate of the mass mailer. Unfortunately, any user opening the "authorization module" will turn her/his computer into a bot.</p>
<p>“Hacking legitimate site content to host malicious code has become very common. This month, many trusted Internet sites were unwittingly ‘hosting’ flash advertisements injected with encrypted redirects, forcing users to visit other sites once the ad was displayed. More determined efforts to conceal malware using trusted sources are likely to be made as we enter into the busy holiday season of December,” said Derek Manky, security research engineer at Fortinet. “Examples of adware such as Clicker.AC illustrate the trend in what is becoming the blend between malware and grayware and further emphasizes the need for threat awareness, not only from the end user’s perspective, but also for corporations and their affiliates.”</p>
<p>To read the full November report, please visit</p>
<p>For ongoing threat research, bookmark the FortiGuard Center ( ) or add it to your RSS feed by going to .
To learn more about FortiGuard Subscription Services, visit .</p>
<p>About Fortinet (
Fortinet is the pioneer and leading provider of ASIC-accelerated unified threat management, or UTM, security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and anti-spam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in six programs by ICSA Labs: (Firewall, Antivirus, IPSec, SSL, Network IPS, and Anti-Spyware). Fortinet is privately held and based in Sunnyvale, California.</p>
<p># # #
Fortinet is a registered trademark of Fortinet, Inc. Fortinet, FortiGate, FortiOS, FortiAnalyzer, FortiASIC, FortiCare, FortiManager, FortiWiFi, FortiGuard, FortiClient, and FortiReporter are trademarks of the Fortinet, Inc. in the United States and/or other countries. All other trademarks referred to herein are the property of their respective owners.</p>
<p>Media Contact:
Sebastian Rice,
02 9959 1991,</p>

Most Popular