The Latest Cyberoam News
Product and Solution Information, Press Releases, Announcements
| Spammers Attack Sourceforge Wiki Revealing Vulnerabilities Faced By User Content | |
| Posted: Thu Nov 12, 2009 02:01:00 PM | |
|
Cyberoam, a division of Elitecore Technologies and the innovator of identity-based Unified Threat Management (UTM) solutions, today announced the Q3 2009 Internet threats trend report, prepared in collaboration with its partner, Commtouch. Among the top stories, Sourceforge.net, a popular download site for open source software, saw a search engine spam attack in its wiki subdomain, with keywords and inbound links leading to a specific pornography site. The above incident could have as easily involved a malware hosting site, which puts the consumers of user generated content such as wikis at huge risk from threats where spammers hide inappropriate content deep inside the site URL while simultaneously using reputable domains/subdomains for getting a higher page rank. Says Abhilash Sonwane, VP, Product Management, Cyberoam, “The proliferation of open source user generated content such as wikis has created new opportunities for spammers. Since, these projects run on collaboration and trust among a community, search engine bombers can misuse the open environment to fill up wiki-like pages with their own marketing promotional links and use reputed domains/subdomains to rank their page higher. The presence of malware hosting sites only aggravates the problem.” Also, in the report, the current financial crisis and the debate around health care reform in the US have made Americans an easier target for 419 scammers. One of the more creative examples seen by Cyberoam was in an ironical message that appeared to be from the “F.B.I.” explaining to the recipient that he or she has been targeted for a 419 scam and they have recourse to quick retrieval of funds. Another email touted bogus low-cost health insurance coverage for recipients with a working unsubscribe link for deception. Another major highlight of the report was regarding higher-than-average spam levels which shot up to an astonishingly high 97% in July. Pharmacy spam continues to be at top spot where spammers are using innovative ways to bypass content and human filters, such as masquerading their spam through Facebook messages. There was also an outbreak of Google Spreadsheet spam, where a pharmaceutical spammer used Google Spreadsheets for URL redirection, seeing that such applications are typically trusted by anti-spam filters. For the 2nd quarter in a row, Cyberoam saw spikes in email-borne viruses not caught by major anti-virus engines. Out of these, two particular viruses Mal-Bredo A and Mal-Behav 340 saw distribution of over 10,000 distinct variants. Sites in the “Health and Medicine” and “Sex Education” category topped the list of sites manipulated by phishing schemes. Brazil continues to remain the zombie hotspot accounting for nearly 19.7% of global zombie activity. Cyberoam uses the Commtouch RPDTM technology to analyze large volumes of Internet traffic in real-time. Unlike traditional spam filters, it does not rely on email content, so it is able to detect spam in any language and in every message format (including images, HTML, etc.), non-English characters, single and double byte, etc. Its language and content agnostic nature enables it to provide effective spam blocking capabilities. Cyberoam incorporates this technology within its unique identity-based UTM appliances, which deploy user identity-based functionality across all of its features. A departure from traditional IP address-dependent solutions, Cyberoam determines precisely who is doing what in the network, providing IT managers with stronger policy control and clearer visibility of activity. |