itb-nz logo
Story image

Scareware on the rise

13 Oct 2009

Fortinet’s September report found a spike in the number of scareware malware and several new computer vulnerabilities.The scareware scams range from email threats, botnet downloads and fraudulent software with the ultimate goal of scaring users into providing banking or credit card details.The one year anniversary of the Bredolab (W32/Bredo.G) scareware saw the botnet still going strong after its initial explosion last September. Recently Bredolab variants were pushed out through a mass mailing campaign that sent fake courier invoices. If the invoices are opened, the machines are recruited into a network of computer zombies.ZBot was also active in September, with tactics such as sending out professional-looking, too-good-to-be-true job advertisements that requests the user’s bank account details to process payments.There were also a number of zero-day attacks, with remote-code execution vulnerability in Microsoft Server Message Block having low, but steadily increasing exploit activity, though Microsoft has now released a temporary fix for the vulnerability. The Microsoft ISS FTP Service and Adobe Reader/Flash vulnerabilities are increasingly being used in attack activity.Project Manager of Cyber Security and Threat Research for Fortinet Derek Manky said: “We’re seeing a steady, if not rapid, growth of scareware which – like other high-profile threats – will eventually begin to diminish in success and profitability once end-users become wise to them.”