Threat Update: Spam and Phishing Out, Trojans and Scareware In

Posted 04/09/2009 at 4:20pm | by Mark Edward Soper

File-based threats, Trojans, and scareware were among the biggest threats in 2008

If you've been worrying about computer security for awhile, you might remember when macro viruses in Microsoft Word and Excel files were at the top of the exploit list. These file formats, along with the omnipresent Adobe Reader PDF format, are once again among the biggest threat vectors being exploited by today's malware, according to a new report from the Microsoft Malware Protection Center. Fittingly, the full report and a condensed key findings version are available in either PDF or Microsoft's own XPS formats. These reports cover the July-December 2008 period.

Some key findings include:

Scareware (which Microsoft calls "rogue security software") is on the rise, including the latest versions of our old friend Antivirus XP.
A slight reduction in unique vulnerability disclosures from 2007, but the High (most serious) category was larger in the second half of 2008 than in the first half of the year or the second half of 2007.
Applications continue to be the biggest target (86.7%, with browsers at 8.8%, and operating systems at only 4.5%)
The second half of 2008 saw a big rise in Microsoft security bulletins: over 67% more than in the first half of the year.
US English and Chinese-language browsers were the chief targets of browser-based exploits, accounting for almost 60% of all attacks.
Microsoft-based vulnerabilities accounting for more than 40% of browser-based attacks on systems running Windows XP, but less than 6% on systems running Windows Vista.
Ironically, the most frequently exploited vulnerabilities in Microsoft Office have been patched since 2006, but were targets mainly because up-to-date service packs were not installed.
Adobe PDF-based attacks rose sharply in the second half of 2008, but the attacks cited in the survey are blocked by the current versions of affected products.
Despite the rise in software-borne attacks, lost and stolen equipment continues to be the biggest security risk, amounting to 50% of the incidents listed in the OSF Data Loss Database.
The US, Canada, Europe and Russia continue to lead the world in phishing sites.
Miscellaneous Trojans, followed by Trojan downloaders and droppers are the two most common threat types detected and removed by Microsoft's Windows Live One Care and Forefront Client Security apps in the second half of 2008.
By contrast, older threats such as backdoors, viruses, exploits, and spyware are significantly less of a threat than in 2006 and 2007.

What have you found to be the biggest security threats you face in the office - and at home? Hit Comment and share your security war stories.

Tags:

Comments

Comments are closed on this article

jesicajame

May 02, 2009 at 9:03am

When searching for an antispyware scanner that will protect and clean your PC it can get a little confusing. There are so many available it’s hard to know which one will work the best. If you’re like me, you’ve probably tried a variety of them all and found they basically all find the same types of bugs. Through my experimenting I’ve found that the antispyware solution from Search-and-destroy at (http://www.Search-and-destroy.com) works the best. Search-and-destroy Antispyware cleans and protects my computer just as good as any scanner, it gets rid of those nasty bugs and it does it all for less than many of the others available.

Morpheous416

April 12, 2009 at 4:41pm

Not to downplay that long list of instructions.. but use MalwareBytes. I've yet to see a version of AntiVirus XP or any of it's variants escape removal from the program. It'll remove the infection in real time, without needing to reboot after any step.

And it runs just fine in safe mode should your OS be compromised in normal mode.

Marcus_Soperus

April 10, 2009 at 7:30am

Good tip on exterminating Antivirus XP. Note the use of bogus wallpaper as part of the software.

-----------------------------------------------------------------

It's amazing how illogical a business built on binary logic can be.

PCmonkeyboy

April 10, 2009 at 9:41am

first thing you do is go the task manager and close down this program.

Uncheck --- lphc35dj0e1an
Uncheck ---rhc75dj0e1an

Once you do that, REBOOT and go to the folder it is in and delete it.

this is the folder.

C:\program files\rhc75dj0e1an

Find this folder in your windows 32 dir and get rid of it.

C:\windows\system32\lphc35dj0e1an.exe

Now once that is done, do a search for XP anti virus and delete everything that comes up. Also download CCleaner and run it several times.

Now to get the crap off your desktop saying there are viruses found you are going to have to go the this place also through the run box

Here is what you need to do.

To restore ability to change your desktop settings and select a different wallpaper and screen saver do the following:

Start, run

type Gpedit.msc

Navigate to User configuration, Administrative Templates, Control Panel, Display

Right click on Remove Display in Control Panel
Click on Properties and select Disabled

Do the same steps to change the following attributes to disabled:

Hide Desktop Tab
Prevent changing wallpaper
Hide Apperance and Themes tab
Hide Settings tab
Hide Screen Saver tab

You should now be able to use your computer normally and change the wallpaper to something other than the warning message Antivirus XP 2008 set it to.