Sophos announces top ten web and email-borne threats for June 2007.

The figures, compiled by Sophos's global network of monitoring stations, show a further sharp rise in web-based threats. Sophos uncovered an average of 29,700 new infected web pages every day - around 80 per cent of which were located on hacked, legitimate sites.

The top ten list of web-based malware threats in June 2007 reads as follows:

1. Mal/Iframe - 64.0 per cent
   
2. Mal/ObfJS - 10.1 per cent
   
3. Troj/Psyme - 3.8 per cent
   
4. Troj/Fujif - 3.1 per cent
   
5. Troj/Decdec - 2.7 per cent
   
6. VBS/Redlof - 2.5 per cent
   
7. Mal/Packer - 1.1 per cent
   
8. Troj/Ifradv - 1.0 per cent
   
9. VBS/Haptime - 1.0 per cent
   
10. Mal/Zlob - 0.9 per cent

Others - 9.8 per cent

Iframe, which works by injecting malicious code onto web pages, has again topped the chart, accounting for nearly two thirds of the world's infected web pages. Earlier this month, an Iframe attack on multiple Italian web sites occurred, making headlines around the world. More than 10,000 web pages were infected, most of which were on legitimate but compromised web sites hosted in Italy. Victim sites included Italian city councils, employment services and tourism sites. Most of the affected pages appear to be hosted by one of the largest ISPs in Italy.

"The Italian Iframe attack should certainly act as a wake-up call to ISPs across the globe," said a Sophos spokesman. "Malicious code dumped on these websites is just waiting to pounce on innocent surfers. Web sites should be as secure as Fort Knox, but at the moment, too many web pages are easy pickings for cybercriminals."

The top ten list of countries hosting malware-infected web pages in June 2007:

1. China (including Hong Kong) - 59.3 per cent
   
2. United States - 23.9 per cent
   
3. Russia - 3.6 per cent
   
4. Germany - 1.7 per cent
   
5. Ukraine - 1.4 per cent
   
6. Italy - 1.0 per cent
   
7. Taiwan - 0.8 per cent
   
8. Brazil - 0.8 per cent
   
9. United Kingdom - 0.8 per cent
   
10. Canada - 0.6 per cent

Others - 6.1 per cent

While China retains its position at the top of the chart this month, Italy is a new entry and this is largely due to the Iframe attack. ObfJS, which was the second most prevalent web-based threat this month, also contributed to Italy's status in the top ten, following a potent attack on a popular, legitimate web page early in June.

The top ten list of email-based malware threats in June 2007 reads as follows:

1. W32/Netsky - 31.4 per cent
   
2. W32/Mytob - 20.9 per cent
   
3. Mal/Iframe - 10.9 per cent
   
4. W32/MyDoom - 6.4 per cent
   
5. W32/Sality - 5.4 per cent
   
6. W32/Zafi - 5.0 per cent
   
7. W32/Bagle - 5.0 per cent
   
8. Mal/DownLdr - 2.6 per cent
   
9. W32/Stratio - 2.6 per cent
   
10. W32/Nyxem - 2.0 per cent

Others - 7.8 per cent

Interestingly, Iframe's appearance in the email-based chart demonstrates that it is not limited to only infecting via the web. Hackers can embed the malware into emails using HTML to exploit users.

Related links: (Open in a new window.)
www.sophos.com

View printable version (opens in new window)
Back