Daily cyber threats and internet security news: network security, online safety and latest security alerts
June 18th, 2010

Number Of Infected PDF Files On The Rise, .RU Most Abused By Malware Hosters

Avira reports that the number of PDF documents rigged with malware rose by 50 percent in May compared with the previous month. Data gathered by the company also reveals that .ru was the preferred country code TLD for hosting malware and that .br had the largest number of phishing websites.

According to the German antivirus vendor, the most abused file extensions were exe, txt, php, jpg, dll, pdf, gif and com, while 31% of all malicious files detected had no extension at all. Even though the infected PDF documents represented only 1.20% of the total number, the increase compared with April was considerable – 52.14%. So were the monthly deviations for cmd (66.67%), ocx (56.25%) or swf (43.30%).

As far as domain TLD abuse goes, .com leads by far in both the phishing and malware hosting categories with 49.9% and 44.53%, respectively, although these numbers actually represent a decrease over the previous month. As expected, .com is followed in the stats by .net and .org, but the most interesting changes were registered for the country code TLDs.

While .kr (South Korea) dominated in both sections during April, this month, the .kr abuse registered major drops of 246.22% for phishing sites and of 27.72% for malware, leaving the lead to .br (Brazil) and .ru (Russia). “A big increase [of almost 100%] is noticeable in the usage of plain IP addresses,” Avira’s Manager of International Software Development, Sorin Mustaca, points out.

PayPal retains its domination in the stats for the most phish brands, being the target of 44.99% of registered attacks. The top five is completed by Ebay (16.05%), HSBC Bank (12.04%), Facebook (5.33%) and Bank of America (2.09%).

Finally, when it comes to spam, the preferred category for May was online pharmacy, which accounted for 13.37% of all junk email. This was followed by replica watches (7.34%), fake university degrees (7.26%), Nigerian 4190-like scams (2.80%) and loans (2.63).

Credit: News

Share this item with others:

More on CyberInsecure:
  • The Number Of Infected Machines In Botnets Quadrupled In Last 3 Months
  • New PDF Exploits Toolkit Targets Windows Users With Unpatched Adobe Reader
  • Critical PDF Processing Vulnerability In BlackBerry Enterprise Server
  • Number Of Infected Websites Almost Doubled During The Second Quarter
  • Adobe Web Portal Exposed Educational Software Users Personal Data

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Number Of Infected PDF Files On The Rise, .RU Most Abused By Malware Hosters

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.