GFI Software Reports Continued Malware Infections

GFI

^®

Software today announced the top 10 most prevalentmalware threatsfor June 2011. Highlights for the month included continued phishing attacks, notably one affecting microblogging siteTumblr, which compromised up to 8,000 user accounts, making it one of the most successful phishing attacks of its kind. Additionally, June saw scammers distributingrogue antivirus softwareby taking advantage of search traffic related to popular Pokemon™ video games, as well asluring users to fill out seemingly endless fake questionnaires.

“The Tumblr phishing and spam attacks highlight the importance of building greater awareness about online threats and simple tactics we can all use to defend ourselves,” said Chris Boyd, senior threat researcher at GFI Software. “Some of the attacks we saw in June were aimed at compromising social networking login credentials knowing that many people still use the same username and password for all their online activities, including banking, shopping and email. It is important for users on any social networking site to approach content that looks out of place with care since, as seen on Tumblr, seemingly innocuous attacks can evolve into more serious threats. Also, strengthen your passwords and vary them across all your online accounts to limit your risk and exposure if one is compromised.”

Phishing scams have become increasingly common on social networking sites as scammers have become savvier and bolder in their attacks. In recent months, scammers have used surveys, competitions and the promise of adult content to entice Internet users into divulging their personal information.

GFI also explored the risk of reputation hijacking through legitimate cloud services likeGoogle Docs. The company found a large number of phishing sites using Google Spreadsheets to steal credentials of unsuspecting users.

June also brought some positive news in the fight against online scammers.The U.S. Department of Justice and the FBIannounced that they had cracked an international cybercrime ring believed to have scammed more than $72 million through scareware sales. As part of Operation Trident Tribunal, the FBI seized computers, servers and bank accounts in a series of raids.

As the summer months continue to roll on, Internet users should be wary of topical threats, which are potential targets forfake antivirus attacks, SEO poisoning and survey scams. These may include the final Harry Potter film and increasing interest in recently announced Republican presidential candidates.

Top 10 Malware Detections for June

GFI’s top 10 malware list is compiled from collected scan data of tens of thousands ofGFI VIPRE^®Antiviruscustomers who are part of GFI’s ThreatNet™ automated threat tracking system. ThreatNet statistics revealed that the vast majority of malware threats found continue to be Trojans, mostly detected in generic form, and that a higher than average number of adware threats propagated during June.

Detection                                              Type                             Percent

Trojan.Win32.Generic                            Trojan                           29.78    

Zugo Ltd (v)                                         Misc (General)               2.37

INF.Autorun (v)                                     Trojan                           1.59

Exploit.PDF-JS.Gen (v)                        Exploit                          1.41

Trojan.Win32.Jpgiframe (v)                    Trojan                          1.39

Trojan.JS.Redirector.cd (v)                    Trojan                           1.32

Trojan-Spy.Win32.Zbot.gen                   Trojan                           1.20

Pinball Corporation. (v)                          Adware (General)           1.13

Adware.Win32.Gen                              Adware (General)          1.12

GameVance                                         Adware (General)          1.07

About GFI Labs

GFI Labsspecialises in the discovery and analysis of dangerous vulnerabilities and malware that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis.

About GFI

GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMBs) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMBs, GFI satisfies the IT needs of organisations on a global scale. The company has offices in the United States, United Kingdom, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.