Commtouch Q1 Malware Report: Server-side Polymorphic Viruses Surge Past AV Defenses
May 02 2007 - 7:00AM
Business Wire
Throughout the first quarter of 2007, server-side polymorphic malware exploded across email, exploiting the well known zero-hour vulnerability of traditional anti-virus solutions. The Q1 2007: Malware Outbreak Trends, released today by Commtouch (NASDAQ:CTCH), shows how malware writers are using speed, variation and social engineering techniques to mass-distribute their malicious code across the Internet.

"The server-side polymorphic distribution pattern has proven a 'success' for malware writers. This method is so adept at evading anti-virus defenses, that it is now being adopted on a large scale," said Haggai Carmon, Commtouch vice president of products. "By creating a massive number of distinct variants and releasing them in short, intense bursts, virus writers are able to release new variants so quickly that signatures or heuristics cannot be created quickly enough to protect against them all."

During a peak early in the quarter, the Storm/Nuwar malware released over 7,000 such variants in a single day.

Another growing tactic is the increasing utilization of social engineering techniques developed by spammers to help spam slip past email users' defenses. Malware writers recently began adopting these methods on a large scale to help lure users to open messages and click on attachments.

The Storm/Nuwar outbreak in mid-January used tabloid-style email Subjects like "230 dead as storm batters Europe," "First nuclear act of terrorism!" and "a bouquet of love" to entice readers.

In February the Tibs/Zhelatin email-borne malware disguised itself as a friendly Valentine's Day greeting, coupling affectionate Subject line greetings with docile sounding file names.

Sample subject strings:
5 reasons i love you
a song to you

Sample file names:
flash postcard.exe
greeting card.exe

The Nurech malware tries to fool its victims by adding benign sounding file signatures such as ".doc", ".jpg" and ".pdf" before the ".exe".

Sample malware file names:
rechnung-single.de.doc.exe
rechnung-singles.jpg.exe
telekom.pdf.exe

"Once focused on searching
for vulnerabilities in computer applications, virus writers are now exploiting the vulnerability of the anti-virus solutions themselves - the zero-hour," explains Carmon. "This new breed of threats is making every hour of an attack a revolving zero-hour, and even the AV solutions need virus protection."

Commtouch Zero-Hour™ Virus Outbreak Protection detects and blocks email-borne outbreaks, including server-side polymorphic malware within moments of their release on the Internet. Powered by its Recurrent Pattern Detection™ technology, Commtouch's Zero-Hour service is offered to messaging, security and anti-virus vendors for OEM integration as a complementary outbreak detection solution.

To access the Q1 2007 Malware Outbreak Trends report, click http://www.commtouch.com/documents/Commtouch_2007_Q1_Malware_Trends.pdf

About Commtouch

Commtouch Software Ltd. (Nasdaq:CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool -- email. Commtouch has over 16 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam, Zero-Hour virus protection and Reputation Service solutions. Using core technologies including RPD™ (Recurrent Pattern Detection), the Commtouch Detection Center analyzes billions of email messages per month to identify new spam and malware outbreaks within minutes of their introduction into the Internet. Integrated by scores of OEM partners, Commtouch technology protects thousands of organizations, with over 50 million users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Sunnyvale, CA. For more information, see: www.commtouch.com, including the Commtouch online lab detailing spam statistics and charts.