Most malware in August spread from Korea
By Rene Millman,
Most malware in August appeared to come from servers based in Korea, according to a new report.
Research carried out by IT security company Fortinet found that 89 per cent of malicious code activity was based in just one country. According to reports, this was mostly attributed to the Dloader.K!tr (aka small) trojan. This worm showed large spikes of activity in Korea. Researchers at the company said that this indicated that a distribution campaign was going on in the country by cybercriminals.
The research also unearthed increased activity by the CashOn adware program, which is installed via a toolbar plug-in for a Korean website.
Another trend witnessed last month was "service luring" or "sluring" websites. According to Guillaume Lovet, manager for the FortiGuard Global Security Research Team, these sites offer a service to users that never materialises but often end in a victim's personal details being used to commit identity fraud.
Fortinet said that one website prompts a user to enter their MSN login name and password to find out if their contacts have blocked or deleted the user from their lists. Lovet said that not only did the sites not perform the expected service, the user's Messenger nickname is then used in a URL to promote the service to other users in their contact list.
"Service-luring sites are less likely to be shut down than phishing sites, given that there is no actual infringement taking place and these sites tend to have unique terms and conditions," said Lovet. "But like phishing sites, users giving their login and password information don't realise that it can be easily used for wrong purposes. As a rule, users should never give out any login credentials to an online service, regardless of the reason for the request."
He said that this "worm-like" method of driving traffic has proved successful, given that one particular site was registered three months ago and has been translated into 20 languages.
advertisement
Latest Security Features
NHS IT - something to celebrate?
To mark the 60th anniversary of the NHS, IT PRO examines the massive IT overhaul at the health services giant.
- Q&A – Tom Ilube, head of Garlik
- Ten of the most infamous ‘black hat’ hackers
- USB Flash Disks: A modern day business curse?
- Creating a mobile data management policy
- Behind the scenes: Symantec's malware battle
- The rise of storage security
- Google Mail Security
- Demand for tougher data breach legislation
- An Audience with Bill Gates
Latest Security Reviews
Finjan Vital Security Web Appliance NG-6000S
Rating: 
- LogLogic MX2010
- Exclusive: WatchGuard Firebox Core X750e
- Sophos ES4000 Security Appliance
- Microsoft Forefront Security for Exchange and SharePoint
- EXCLUSIVE: Juniper Networks SSG 550 UTM appliance
- EXCLUSIVE: Arbor Networks Peakflow X 3.7
- EXCLUSIVE: Check Point UTM-1 1050
- EXCLUSIVE: Finjan Vital Security NG-5100
- EXCLUSIVE: Astaro Security Gateway 120 Appliance
advertisement
Latest News Videos in Security
Video: Q&A with Richard Archdeacon, Symantec
PlayIT PRO speaks to Richard Archdeacon, director, global services, at the information security software vendor Symantec.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?