Refer to 'Symantec Announces September 2011 Symantec Intelligence Report' on Enterprise IT News
Generic Polymorphic Malware was first identified in July 2011.
Email-borne polymorphic malware soars to unprecedented levels in Sept
The malware is frequently contained inside an executable within the attached ZIP archive file and often disguised as a PDF file or an office document. This new aggressive approach to distributing generic polymorphic malware on such a scale should be concerning for many businesses, particularly for those who rely solely on more traditional security countermeasures, which this type of malware is designed to evade. One example of this technique involves changing the startup code in almost every version of the malware, subtly changing the structure of the code and making it harder for the emulators built into many anti-virus products to identify the code as malicious. Technology cannot rely on signatures and heuristics alone, and must also take into account the integrity of an executable based on knowledge of its reputation and circulation in the real world.
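One way a mail gateway or triage script could check an attachment for the delivery pattern described above, an executable inside a ZIP archive named to look like a PDF or office document. This is an added example, not code from the Symantec report; the function names, extension list and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed list of extensions a recipient would read as "a document".
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx"}

def inspect_zip_attachment(data: bytes) -> list:
    """Return one finding per ZIP member that is, or may hide, an executable."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted member: content cannot be checked
                findings.append({"name": info.filename,
                                 "reasons": ["encrypted member, not inspected"]})
                continue
            with zf.open(info) as fh:
                magic = fh.read(2)
            if magic != b"MZ":  # DOS/PE executables start with "MZ"
                continue
            # Padding spaces are sometimes used to push the real extension
            # out of view, so strip them before comparing.
            suffixes = [s.strip().lower()
                        for s in PurePosixPath(info.filename).suffixes]
            reasons = ["executable inside ZIP"]
            if suffixes and suffixes[-1] in DOC_EXTS:
                reasons.append("executable content under a document extension")
            elif any(s in DOC_EXTS for s in suffixes[:-1]):
                reasons.append("document extension placed before the real one")
            findings.append({"name": info.filename, "reasons": reasons})
    return findings

def build_sample_zip() -> bytes:
    """Constructed sample: harmless bytes that only carry the 'MZ' magic."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Invoice_2011.pdf   .exe", b"MZ" + b"\x00" * 62)
        zf.writestr("readme.txt", b"plain text, not flagged")
        zf.writestr("statement.pdf", b"MZ" + b"\x00" * 62)
    return buf.getvalue()

if __name__ == "__main__":
    for finding in inspect_zip_attachment(build_sample_zip()):
        print(finding["name"], "->", "; ".join(finding["reasons"]))
```

The check keys on file type and naming rather than on the code itself, so it is unaffected by the per-sample changes polymorphic malware makes; it complements, rather than replaces, the reputation-based checks the report calls for.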
Spam: In September 2011, the global ratio of spam in email traffic declined to 74.8 percent (1 in 1.34 emails), a decrease of 1.1 percentage points when compared with August 2011.
Phishing: In September, phishing email activity diminished by 0.26 percentage points since August 2011; one in 447.9 emails (0.223 percent) comprised some form of phishing attack.
E-mail-borne Threats: The global ratio of email-borne viruses in email traffic was one in 188.7 emails (0.53 percent) in September, an increase of 0.04 percentage points since August 2011.
Web-based Malware Threats: In September, Symantec Intelligence identified an average of 3,474 Web sites each day harboring malware and other potentially unwanted programs including spyware and adware, an increase of 1.0 percent since August 2011.
Endpoint Threats: The most frequently blocked malware for the last month was W32.Sality.AE, a virus that spreads by infecting executable files and attempts to download potentially malicious files from the Internet.