Application security, Incident Response, Malware, Network Security, TDR, Threat Management

Spam wanes, while web attacks surge

While spam dropped by half last year, search engine malware doubled and attacks on social networking sites increased 20 percent, according to a new study released this week from Barracuda Networks.

In its 2010 Annual Security Report released last week, Barracuda Networks, a vendor of content security solutions, revealed a significant shift from traditional spam to a growth in aggressive attacks targeting the internet.

The study found that attackers are focusing on the more lucrative social networks and search engines as attack vectors.

“Attackers focus on where they can get the most eyeballs and profit, and today that means social networks and search engines,” said Paul Judge, chief research officer at Barracuda.

To help thwart such attacks, he called for user education, as well as a need to elevate technological approaches.

"The research community must continue to build innovative defenses and the industry must make efforts to increase the deployment rates of those defenses,” Judge said.

Barracuda Labs studied the popular search engines and social media sites, such as Bing, Google, Yahoo and Twitter, specifically the so-called trending topics that might be enlisted by malware distributors. The survey was conducted over five months and reviewed more than 157,000 trending topics and 37 million search results.

Among the report's findings, when searches on popular trending topics were performed, search giant Google was found to be the “king” of malware, turning up more than twice the amount of malware as Bing, Twitter and Yahoo combined.

However, as malware disseminated across the other major search engines, the ratios were distributed more evenly, with Google producing 38 percent of overall malware, Yahoo at 30 percent Bing at 24 percent and Twitter at eight percent.

The report also found that the amount of malware found each day across the various search engines grew 55 percent in the second half of the year – from 145.7 samples in June  to 226.3 in December.

In addition, the study discovered that one in five search topics lead to malware, while one in 1,000 search results lead to malicious code.

Further, the lab studied more than 26 million Twitter accounts and observed that, beside significant growth in the use of Twitter (up 43 percent), as users become more active, malicious activity also increases.

Fred Wolens, a Facebook spokesman, said the social networking site takes a number of steps to identify infected accounts and kill the malware they may be serving.

"We've built numerous defenses to combat phishing and malware, including complex automated systems that work behind the scenes to detect and flag Facebook accounts that are likely to be compromised, based on anomalous activity like lots of messages sent in a short period of time or messages with links that are known to be bad," he told in an email.

A Google spokesman said the company has cut down the time it takes to detect certain kinds of bad web domains from around 10 hours to one hour and introduced a new site classifier that helped reduce hacked site spam on the order of 80 percent

"Google works hard to protect our users from malware," he said. "We actively work to detect and remove sites that serve malware from our services. We have manual and automated processes in place to detect and enforce these policies, including malicious and hacked site warnings that appear in our search results and in common web browsers that help protect users."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.