Trojans spiked in second half of 2011, says report

Trojans continue to be the dominant malware threat and from July to December 2011 instances of Trojan attacks skyrocketed, says a biannual report (.pdf) from the Anti-Phishing Working Group, an international consortium of companies, associations and government agencies.

According to the report, in 2009 Trojans accounted for 60 percent of all malware, and in 2010 Torjans only made up 56 percent of malware.

"This second half of 2011 they have jumped up to 73 percent, so that nearly three out of every four new malware strains created in 2011 were Trojans," says the report.

"All other malware categories have lost ground with respect to Trojans, once again the weapon of choice for cyber‑crooks' intrusion and data theft efforts," report authors add.

The APWG also saw a significant spike in phishing reports in the second half of 2011. There were 23 percent more phishing attacks reported from July to December than in the first half of 2011--with a spike in reports coming toward the end of 2011, coinciding with the holiday shopping season.

Unique phishing reports in December reached a high of 32,979, a number still lower than the all-time high of 40,621 reports in August 2009, note authors.

The report says phishing attacks are changing as well. In the last 6 months, more phishers are hosting on compromised domains rather than using an obvious IP to host fake log-in pages.

"There has been a 16 percent drop in the number of phishing URLs containing the spoofed company name in the URL...Phishers are adapting to users becoming more informed and knowledgeable about the traits of a typical phish," says Carl Leonard, senior manager of  Websense Security Labs, in the report.

For more:
- download the Phishing Activity Trends Report for the second half of 2011 (.pdf)

Related Articles:
Phishing generator could be used to assess federal cybersecurity awareness
Chinese phishers attacking Chinese targets, says Anti-Phishing Working Group