Symantec announces September 2011 Symantec Intelligence Report, Middle East virus rate goes up

Ahead of the beginning of GITEX Technology Week next Sunday, Symantec announces the results of the September 2011 Symantec Intelligence Report. New research shows that the Virus Rate in the United Arab Emirates is up to 1 in 183.2 from 1 in 314.3 last month while the Middle East figure is up to 1 in 221 from 1 in 662.9 in August. Saudi Arabia continues to be the most spammed geography globally with a spam rate of 84.0 percent.

“This unprecedented high-water mark underlines the nature by which cyber criminals have escalated their assault on this region in 2011. While strong and commendable efforts are currently being made by authorities and government entities, it is imperative that enterprises and consumers take security into their own hands to combat cybercrime as it grows across the Middle East” said Justin Doo, Security Practice Director, Emerging Markets for Symantec.

This month’s analysis further reveals that a deluge of malicious email-borne malware has left a clear mark on the threat landscape for September. Approximately 72% of all email-borne malware in September could be characterized as aggressive strains of generic polymorphic malware, first identified in the July Symantec Intelligence Report. At the end of July, this rate was 23.7%, in August it fell slightly to 18.5% before soaring to 72% in September.

Further analysis also reveals that the social engineering behind many of these attacks has also accelerated, with the adoption of a variety of new techniques such as pretending to be an email from a smart printer/scanner being forwarded by a colleague in the same organization.

Although spam levels remained fairly stable during September, Symantec Intelligence observed the use of identified vulnerabilities in certain older versions of the popular WordPress blogging software on a large number of Web sites across the Internet. Spam emails containing links to these compromised Web sites are also being spammed out. It is important to note that blogs hosted by WordPress themselves seem to be unaffected.

The exploitation of these vulnerabilities to serve spammers’ interests is a stark reminder for the need to ensure software is up-to-date with latest patches and releases.

Additional research also reveals that JavaScript is becoming increasing popular as programming language by spammers and malware authors. JavaScript is increasingly used to conceal where spammers are redirecting, and in some cases, also to conceal entire Web pages.

“JavaScript is popularly used for redirecting visitors of a compromised Web site to the spammers landing page. While some of these techniques have been common in malware distribution for some time, spammers are increasingly using them,” added Teksoz.