View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Software
August 26, 2009

Trojan attacks rise, phishing falls IBM research shows

Information-stealing Trojans biggest malware threat

By CBR Staff Writer

More than half of all new malware attacks can be put down to Trojans, new intelligence on the internet threat landscape has revealed.

According to research carried out by IBM’s X-Force internet security group, Trojans comprised 55% of all new malware in the first half of 2009, a level which represents a 9% increase against the year-ago period. 

“Information-stealing Trojans are the most prevalent malware category,” IBM confirmed in its X-Force 2009 Mid-Year Trend and Risk Report. 

The report also reveals what it describes as “an unprecedented state of Web insecurity as Web client, server, and content threats converge to create an untenable risk landscape.”

IBM’s researchers have clocked a 508% increase in the number of new malicious Web links and a level of veiled Web exploits, especially in PDF files, which is now running at an all time high.

The X-Force report notes an increase in the presence of malicious content on trusted sites, including popular search engines, blogs, bulletin boards, personal Web sites, online magazines and mainstream news sites. PDF vulnerabilities disclosed in the first half of 2009 apparently surpassed disclosures from all of 2008. 

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

“No one is to be trusted,” said X-Force Director Kris Lamb. “There is no such thing as safe browsing. We’ve reached a tipping point where every web site should be viewed as suspicious and every user is at risk.” 

Interestingly, IBM’s mid-year security assessment shows that phishing has decreased dramatically, but could be shifting subtly in focus. 

The nature of businesses being attacked with phishing has shifted with more companies that handle online payments being targeted and fewer banks. In the first half of 2009, 66% of phishing was targeted at the financial industry, down from 90% in 2008. Online payment targets make up 31% of the share.

Seemingly phishing accounted for just 0.1% of all spam in the first six months of this year. In the same period in 2008, phishing made up to 0.8% of all spam.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.