Malware attacks in July greater than all of last year

News 27 Aug, 2008

Staggering amounts of malware detected and blocked, mainly due to compromised websites and SQL injection attacks.

Security provider ScanSafe has revealed that the amount of malware it blocked in July 2008 was 34 per cent more than in the whole of 2007.

The amount of malware in the first two weeks of July was described as ‘extraordinary’, with the amount blocked increasing by 87 per cent compared to the previous month. The company said that 83 per cent of malware blocked come from compromised websites.

The massive increase was mostly the result of SQL injection attacks, which were responsible for 75 per cent of the blocks and IT PRO has already indentified SQL injection as one of the major security threats for 2008.

Scansafe said that the majority of the SQL injection attacks were related to the Asprox botnet, which has already caused damage on many legitimate websites.

The vendor suggested that Asprox had its origins in Russia, and had criminal interests ranging from spam and click fraud to fake anti-spyware software and trojans.

Evidence showed that social engineering email scans were managing to get past spam filters. Once it had got past the filters, ScanSafe said that 95 per cent of its customers were falling for the scams and clicking through.

“It is disconcerting that cyber criminals are becoming increasingly sophisticated in creating these scams, so much so that more and more people are falling for them,” said Mary Landesman, senior security researcher at ScanSafe.