Fortinet announces April 2007 top reported threats

Fortinet® – the pioneer and leading provider of unified threat management (UTM) solutions – announced the top 10 most reported high-risk threats for April 2007. The report, compiled from all FortiGate™ multi-threat security systems in production worldwide, is a service of the Fortinet Global Threat Research Team.

April 2007’s top 10 threats, as determined by the degree of prevalence are: 

HTML/BankFraud.E!phish
 

2       
 

HTML/Phishbank.BGU!phish
 

5.57
 

3       
 

W32/Stration.JQ@mm
 

2.28
 

4
 

W32/Bagle.DY@mm
 

Mass mailer
 

2.01
 

5       
 

W32/Netsky.P@mm
 

1.95
 

6       
 

HTML/Iframe_CID!exploit
 

1.67
 

7       
 

W32/Grew.A!worm
 

1.17
 

8
 

Adware/Solutions180
 

1.03
 

9
 

W32/Bagle.GT@mm
 

1
 

10      
 

The April top 10 highlights the following:

• While last month detections of HTML/Volksbanken!phish dropped down to 21st place, with BankFraud.E ranking at 25th place and BankFraud.OD at 32nd place, April witnessed the return of phish detections at the top. BankFraud.E and Phishbank.BGU generic detections are totaling more than 16 percent of global hits on FortiGate™ appliances worldwide. Overall, phishing detections have increased by 13.72% (from 3.72% to 17.44% of all detections) since last month.
• Although in 10th place last month, Adware/ Solutions180 is now ranked at No. 8. Fortinet tracking shows an absence of activity peaks, which are characteristic of the use of large botnets for spyware/adware planting.
• A Stration variant, W32/Stration.JQ@mm was seeded so heavily this month that it took over the third place in our top 10. A look at its activity evolution along the month shows that the majority of detection hits were gathered on a single day: April 19, 2007.
• The W32/ANI07.A!exploit (aka MS07-017) has been steadily exploited along the month, and overall represents 1 percent of April's global malware activity, which is a tremendously high score for a mainly web-based exploit.

To read the full April report, please visit http://www.fortiguardcenter.com/reports/roundup_apr_2007.html. For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

About Fortinet (www.fortinet.com)
Fortinet is the pioneer and leading provider of ASIC-accelerated multi-threat security systems, which are used by enterprises and service providers to increase their security while reducing total operating costs. Fortinet solutions were built from the ground up to integrate multiple levels of security protection--including firewall, antivirus, intrusion prevention, VPN, spyware prevention and antispam--providing customers a way to protect multiple threats as well as blended threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified eight times over by ICSA Labs (firewall, antivirus, IPSec, SSL, IPS, client antivirus detection, cleaning and antispyware). Fortinet is privately held and based in Sunnyvale, California.