GFI Labs: GFI® Software Monitors Continued Attacks on Social Networks in May

GFI® Software today announced the top 10 most prevalent malware threats for the month of May 2011. The month was marked by a number of Facebook survey scams baiting users with offers of free airline tickets, as well as exclusive video footage of Osama Bin Laden’s death. In May, users also faced the continued threat of rogue antivirus attacks around the Web, including a fraudulent Brad Pitt fan club website. 

“Surveys are an increasingly common tactic used to disguise a wide range of security threats lurking on Facebook and other social networking sites,” said Christopher Boyd, senior threat researcher at GFI Software. “Scammers also have improved their ability to immediately hijack high-profile news for their attacks. By exploiting breaking and developing news stories, they are catching users off guard. Users should always be wary of promises of free items or sensational content, and they should never share personal and financial information online unless they are dealing directly with a known, trusted and secure website — not a Facebook or Twitter post claiming to represent a recognised business or organisation.” 

Online scammers employ a number of lures to entice victims to participate in their surveys. Offers of free merchandise are often enough to trick users into reposting messages to their Facebook wall, which then redirect their friends to the same surveys. At best, those filling out the survey will be on the receiving end of high volumes of spam. At worst, any personal information they shared will be exploited by identity thieves, and their PCs will be infected with a broad range of malicious malware. 

In addition to traditional scams offering free merchandise or preying upon public curiosity by offering fake exclusive content such as video footage of Osama Bin Laden’s death, GFI also uncovered a viral spam attack on the popular microblogging site Tumblr. Taking advantage of the ease of Tumblr’s reblog feature, spammers tricked users into reblogging a phony message meant to keep their account from being deactivated. GFI recommends that users always investigate the original source of an “official message” to avoid such attacks. 

Top 10 Malware Detections for May

GFI’s top 10 malware list is compiled from collected scan data of tens of thousands of GFI VIPRE® Antivirus customers who are part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that the vast majority of malware threats found continue to be Trojans, mostly detected in generic form. 

Detection-------------------------------------Type-------------------Percent
Trojan.Win32.Generic! ----------------------BT Trojan------------------22.51
Trojan.Win32.Generic.pak!-------------------cobra Trojan----------------3.79
Trojan.Win32.Generic!-----------------------SB.0 Trojan-----------------3.73
Zugo Ltd (v) -------------------------------Adware (General)------------2.75
Trojan-Spy.Win32.Zbot.gen ------------------Trojan----------------------1.63
INF.Autorun (v) ----------------------------Trojan----------------------1.38
Pinball Corporation. (v) -------------------Adware (General)------------1.37
Trojan.JS.Redirector.cd (v) ----------------Trojan----------------------1.30
Malware.JS.Generic (JS) --------------------Exploit---------------------1.23
FraudTool.Win32.FakeRean -------------------Rogue Security Program -----1.13

About GFI Labs

GFI Labs specialises in the discovery and analysis of dangerous vulnerabilities and malware that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis.

About GFI

GFI Software provides web and mail security, archiving and fax, networking and security software and hosted IT solutions for small to medium-sized enterprises (SMEs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMEs, GFI satisfies the IT needs of organisations on a global scale. The company has offices in the United States, United Kingdom, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.

For more information:

GFI Software
Please email David Kelleher on dkelleher@gfi.com
GFI - Malta: Tel: +356 2205 2000; Cell: +356 7906 3606; Fax: +356 21382419
URL: http://www.gfi.com

Davies Murphy Group
Please email Chris Green on gfi@daviesmurphy.com 
Tel: +44 (0)1256 807360
URL: http://www.daviesmurphy.com

Copyright © 2011 GFI Software. All rights reserved. All trademarks used are owned by their respective companies. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice.