Symantec reports polymorphic malware soaring to 72% during September

The increase, says the IT security vendor, shows that cybercriminals are adopting a variety of new and more sophisticated techniques, such as spoofing smart printers/scanners.

According to the report, the spam level in the UK was 75.5% in September, with one in 129.9 emails being blocked as malicious. The UK remained the second most targeted country, with one in 221.1 emails identified as phishing attacks.

Commenting on the September statistics, Paul Wood, a senior intelligence analyst with Symantec, said that the unprecedented high-water mark with polymorphic malware underlines the nature by which cyber criminals have escalated their assault on businesses in 2011, fully exploiting the weaknesses of more traditional security countermeasures.

Further analysis, he says, also reveals that the social engineering behind many of these attacks became even more sophisticated with cyber criminals adopting a variety of new techniques such as spoofing a smart printer/scanner.

Some of the newest printers have a feature that allows users to email scanned documents to a specified email address on demand. Malware authors are now using social engineering tactics that simulate this feature to send executables in a compressed “.zip” archive via email, disguising the attachment as a scanned document.

Wood adds that the idea of your office printer sending you malware is perhaps an unlikely one, but perhaps this false sense of security is all that is required for such an attack to succeed.

The Symantec analyst went on to say that JavaScript has also been spotted as a means of infection by hackers during the month he notes that, for spammers, hosting simple JavaScript obfuscation pages on free hosting sites can increase the lifetime of that site before the site operator realizes the page is being used for malicious activity.

“JavaScript is popularly used for redirecting visitors of a compromised Web site to the spammers landing page. While some of these techniques have been common in malware distribution for some time, spammers are increasingly using them”, he explained.

Symantec reports polymorphic malware soaring to 72% during September

You may also like

Red October cyber-espionage campaign used highly sophisticated infiltration techniques

Webroot scores IT security success with Everton

Spammers hit Google Buzz

Downadup Gathers Steam Amid Vendor Confusion

Hacking: Same Same but Different

What’s hot on Infosecurity Magazine?

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

US Imposes Visa Restrictions on Alleged Spyware Figures

How to Backup and Restore Database in SQL Server

End-to-End Encryption Sparks Concerns Among EU Law Enforcement

Millions of Americans' Data Potentially Exposed in Change Healthcare Hack

Alarming Decline in Cybersecurity Job Postings in the US

North Korean Group Kimsuky Exploits DMARC and Web Beacons

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation

Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

Dependency Confusion Vulnerability Found in Apache Project

Report Suggests 93% of Breaches Lead to Downtime and Data Loss

NIST Unveils New Consortium to Operate National Vulnerability Database

Incident Response: Four Key Cybersecurity Measures to Protect Your Business

Is MFA Enough? Strategies for Next-Level Identity Security in 2024

Disinformation Defense: Protecting Businesses from the New Wave of AI-Powered Cyber Threats

Navigating the Evolving Cybersecurity Compliance Landscape in 2024

Adapting to Tomorrow's Threat Landscape: AI's Role in Cybersecurity and Security Operations in 2024

Securing APIs in the Cloud Frontier

Infosecurity Magazine Spring Online Summit 2024: Day One

Infosecurity Magazine Spring Online Summit 2024: Day Two

Russia’s Midnight Blizzard Accesses Microsoft Source Code

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

LockBit Takedown: What You Need to Know about Operation Cronos

Women in Cybersecurity at Infosecurity Europe 2024