Spam wanes, while web attacks surge

Powered by SC Magazine

Social Trojans trump spam malware in latest Barracuda report.

While spam dropped by half last year, search engine malware doubled and attacks on social networking sites increased 20 percent, according to a new study released this week from Barracuda Networks.

In its 2010 Annual Security Report released last week, Barracuda Networks, a vendor of content security solutions, revealed a significant shift from traditional spam to a growth in aggressive attacks targeting the internet.

The study found that attackers are focusing on the more lucrative social networks and search engines as attack vectors.

“Attackers focus on where they can get the most eyeballs and profit, and today that means social networks and search engines,” said Paul Judge, chief research officer at Barracuda.

To help thwart such attacks, he called for user education, as well as a need to elevate technological approaches.

"The research community must continue to build innovative defenses and the industry must make efforts to increase the deployment rates of those defenses,” Judge said.

Barracuda Labs studied the popular search engines and social media sites, such as Bing, Google, Yahoo and Twitter, specifically the so-called trending topics that might be enlisted by malware distributors. The survey was conducted over five months and reviewed more than 157,000 trending topics and 37 million search results.

Among the report's findings, when searches on popular trending topics were performed, search giant Google was found to be the “king” of malware, turning up more than twice the amount of malware as Bing, Twitter and Yahoo combined.

However, as malware disseminated across the other major search engines, the ratios were distributed more evenly, with Google producing 38 percent of overall malware, Yahoo at 30 percent Bing at 24 percent and Twitter at eight percent.

The report also found that the amount of malware found each day across the various search engines grew 55 percent in the second half of the year – from 145.7 samples in June  to 226.3 in December.

In addition, the study discovered that one in five search topics lead to malware, while one in 1,000 search results lead to malicious code.

Further, the lab studied more than 26 million Twitter accounts and observed that, beside significant growth in the use of Twitter (up 43 percent), as users become more active, malicious activity also increases.

Fred Wolens, a Facebook spokesman, said the social networking site takes a number of steps to identify infected accounts and kill the malware they may be serving.

"We've built numerous defenses to combat phishing and malware, including complex automated systems that work behind the scenes to detect and flag Facebook accounts that are likely to be compromised, based on anomalous activity like lots of messages sent in a short period of time or messages with links that are known to be bad," he told in an email.

This article originally appeared at

Copyright © SC Magazine, US edition

Top Stories
The True Cost of BYOD - 2014 survey
Twelve months on from our first study, is BYOD a better proposition?
Photos: Unboxing the Magnus supercomputer
Pawsey's biggest beast slots into place.
ANZ looks to life beyond the transaction
If digital disruptors think an online payments startup could rock the big four, they’ve missed the point of why people use banks, says Patrick Maes.
Sign up to receive iTnews email bulletins
Latest Comments
What is delaying adoption of public cloud in your organisation?

   |   View results
Lock-in concerns
Application integration concerns
Security and compliance concerns
Unreliable network infrastructure
Data sovereignty concerns
Lack of stakeholder support
Protecting on-premise IT jobs
Difficulty transitioning CapEx budget into OpEx