McAfee Inc., the leading provider of intrusion prevention solutions, today announced the top 10 malicious threats identified by McAfee AVERT, the company's Anti-virus and Vulnerability Emergency Response Team, to afflict both enterprise and home users worldwide in the first half of 2004. McAfee AVERT reports that mass mailers are still the predominant method by which virus writers impact enterprises, whereas Potentially Unwanted Programs (PUPs) like spyware/adware related malware account for 60% of the malicious threats tracked, significantly impacting consumer and home users. Based on reports, McAfee AVERT also anticipates phishing schemes will continue to increase throughout the remainder of 2004 due to general lack of consumer awareness.
Overall, computer virus attacks warranting a Medium risk assessment or higher have dramatically increased in the first half of 2004, compared to all of last year. By the end of the first quarter of 2004 alone, McAfee AVERT had already seen more viruses reach a Medium assessment or higher than in all of 2003 -- with over 21 Medium or higher viruses in the first quarter of 2004 compared to 20 Medium or higher viruses in all of 2003. In the first half of 2004, 50 new computer viruses were unleashed every day. By the end of the year, another 17,000 to 18,000 new malware threats will have been added to McAfee AVERT's growing database of threats for the year 2004.
The top 10 threats in the first half of 2004 all fall into one of the following three key areas: email-borne virus threats, malware threats delivered by spam, and spyware/adware threats. Listed in order of significance, are the top threats:
- Exploit-MhtRedir.gen
- VBS/Psyme
- Adware-Gator
- Adware-180Solutions
- Adware-Cydoor
- Adware-BetterInet
- W32/Netsky.d@MM
- W32/Netsky.p@MM
- W32/Netsky.q@MM
- 32/Mydoom.a@MM
"The rise in viruses, worms, Trojans and unwanted programs such as spyware, hacking tools and password stealers in the first half of 2004 has already surpassed what we saw throughout all of 2003, bringing us very close to the 100 thousandth mark for identified threats," said Vincent Gullotto, vice president of McAfee AVERT. "Although we saw a steady decline in the rate of viruses produced from 2000 to 2003, down to a 5% year over year growth, we've seen a 20% increase of malware-related threats between 2003 and 2004 -- and anticipate that these numbers will stay at the higher rate of growth for the immediate future."
McAfee AVERT, which ranks viruses according to the severity and number of samples it receives, categorizes viruses in the order of Medium, Medium-on-Watch, High and High-Outbreak. In the first half of 2004, McAfee AVERT analyzed and protected against 29 Medium viruses, compared to 14 Medium viruses in all of 2003; one medium-on-watch virus, compared to three medium-on-watch viruses in all of 2003 and one high-outbreak virus, compared to three high-outbreak viruses in all of 2003.
McAfee AVERT continues to expand its vulnerability discovery, analysis and reporting capabilities and found that just within the first half of 2004, 11 exploits targeting four Microsoft vulnerabilities were widely reported versus 15 exploits targeting seven Microsoft vulnerabilities in all of 2003.
Mass Mailers Still Lead
Mass mailers consist of standalone programs that send themselves out as an email attachment to email addresses that are harvested from infected computers, resulting in a large number of machines infected in a short amount of time. In addition, worms that carry viruses and backdoors inside them or that have additional features, such as local network spreading or password or data stealing, have become more popular in
-
nature.
Overall, enterprises tend to be more affected than consumers by email-borne viruses because corporate employees are less likely to use free software applications that happen to also deliver spyware or adware.
Spyware/Adware Threats Continue to Climb
Today's adware is more often categorized as surveillance-driven spyware, programs that are dropped onto a user's system and installed without their knowledge. In addition, spam that is encoded with exploit capabilities to also install spyware has become an increasing issue among consumers. McAfee AVERT's top two listed threats, MhtRedir and Psyme, are of this class. Overall, consumers are more affected by spyware/adware threats and less by email-borne threats because most consumers use Internet Service Providers that proactively scan and clean email viruses before being delivered to the consumer.
Phishing and Identity Theft Become Increasing Concern
Phishing attacks use spoofed emails and fraudulent Websites designed to fool recipients into divulging personal financial data such as credit card numbers and social security numbers. According to leading analyst firm Gartner, 92 percent of phishing attacks occurred just within the last year. McAfee AVERT anticipates phishing schemes and identity theft will continue to be a problem among the consumer community until further education and widespread acceptance of proactive protection occurs.
In an effort to address the above threats and malicious programs, McAfee AVERT recommends both enterprises and consumers constantly stay updated with the latest DATs, install the latest patches, employ current spam filters and implement a multi-layered approach to detecting and blocking attacks.
For more information, McAfee Inc. can be reached at (972)963-8000 or on the Internet.
