Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.
There is site maintenance being carried out this weekend and there may be brief periods where we are unavailable. If so, please try again 10 minutes later.

Recent attacks uncovered by GFI Labs reveal pattern of recycled cybercrime tactics adapted to conceal fraudulent purposes

Recent attacks uncovered by GFI Labs reveal pattern of recycled cybercrime tactics adapted to conceal fraudulent purposes

Clearwater, Fla. โ€“ Jan. 10, 2012 โ€“ GFI Software today released its VIPREยฎ Report for December 2011, a collection of the 10 most prevalent threat detections encountered during the month. Phishing campaigns once again proved to be among the most significant threats, with scammers targeting Chase and Barclays customers, as well as launching malware attacks against Amazon shoppers expecting holiday packages.

โ€œThe threats we uncovered last month illustrate the consistent reuse of tried-and-true attack methods slightly modified to target new groups of potential victims,โ€ said Christopher Boyd, senior threat researcher at GFI Software. โ€œMost cyber-attacks at any given time rely on old techniques deployed with a new disguise. The reason we see them again and again is quite simply because they work, and we anticipate 2012 to bring many fresh takes on old scams.โ€

In a continuing trend highlighted in the last VIPRE Report, bank related phishing is increasingly becoming a common threat. Barclays customers received messages from a free Yahoo email address claiming that their account had been suspended due to incorrect login attempts. The phishers employed scare tactics by insisting information had to be provided to reactivate the account within a certain amount of time. Once the victimโ€™s identity was submitted, they were redirected to the official Barclays website in order to further mask the crime. Chase clients were targeted by a similar phishing campaign last month as well.

Online shoppers also continue to be a popular pool of potential victims. Emails disguised as messages from Amazon fooled users into clicking a link to infected websites hosting Black Hole Exploit Kits. These kits are designed to take advantage of unpatched Windowsยฎ operating systems and software. An infected PDF file is then downloaded to the victimโ€™s computer which exploits a vulnerability in Adobe Readerยฎ and loads malware onto the system.

Another familiar cybercrime tactic that continued to gain momentum in December was scarewareโ€”fake antivirus software and system utility programsโ€”that warn infected users of completely false threats to their computers. GFI Labs document several new variants of these rogue programs on its Malware Protection Center blog.

โ€œMost malware is avoidable,โ€ continued Boyd. โ€œKnowing how cybercriminals operate and understanding how to recognize common attacks are the first steps toward keeping your PC clean and your personal information safe. Most cybercrime requires the victim to aid in the process. A little caution and common sense can go a long way in helping users avoid becoming unwitting accomplices.โ€

Top 10 Threat Detections for December

GFIโ€™s top 10 threat detection list is compiled from collected scan data of tens of thousands of GFI VIPRE Antivirus customers who are part of GFIโ€™s ThreatNetโ„ข automated threat tracking system. ThreatNet statistics revealed that Trojans still dominated the month, making up half of the top threats detected.

Detection Type Percent

Trojan.Win32.Generic Trojan 34.41
FraudTool.Win32.FakeRean Rogue Security Program 2.82
Yontoo (v) Adware 2.36
Trojan.FakeAlert Trojan 1.52
INF.Autorun (v) Trojan 1.24
Exploit.PDF-JS.Gen (v) Exploit 0.93
Trojan.Win32.Ramnit.c (v) Trojan 0.89
Trojan.JS.Obfuscator.w (v) Trojan 0.87
Yontoo Adware 0.84
GameVance (fs) Adware 0.82

About GFI Labs

GFI Labs specialises in the discovery and analysis of dangerous vulnerabilities and malware that could be exploited for Internet and email attacks. The research team actively researches new malware outbreaks, creating and testing new threat definitions on a constant basis for the VIPRE home and business antivirus products.

About GFI

GFI Software provides web and mail security, archiving, backup and fax, networking and security software and hosted IT solutions for small to medium-sized businesses (SMB) via an extensive global partner community. GFI products are available either as on-premise solutions, in the cloud or as a hybrid of both delivery models. With award-winning technology, a competitive pricing strategy, and a strong focus on the unique requirements of SMEs, GFI satisfies the IT needs of organizations on a global scale. The company has offices in the United States, UK, Austria, Australia, Malta, Hong Kong, Philippines and Romania, which together support hundreds of thousands of installations worldwide. GFI is a channel-focused company with thousands of partners throughout the world and is also a Microsoft Gold Certified Partner.

For more information
GFI Software
Please email David Kelleher at
GFI - Malta: Tel: +356 2205 2000; Fax: +356 21382419.

Davies Murphy Group
Please email Chris Green at
GFI โ€“ UK +44 1256 807360

Copyright ยฉ 2011 GFI Software. All rights reserved. All other trademarks are the property of their respective owners. To the best of our knowledge, all details were correct at the time of publishing; this information is subject to change without notice

This press release was distributed by ResponseSource Press Release Wire on behalf of GFI Software in the following categories: Consumer Technology, Business & Finance, Computing & Telecoms, for more information visit