SlideShare a Scribd company logo
1 of 20
Symantec Intelligence Report

    July 2011


Symantec Intelligence              1
New: The Symantec Intelligence Report
The new Symantec Intelligence Report combines the best
research and analysis from Symantec:
• Symantec.cloud MessageLabs Intelligence Report
• Symantec State of Spam & Phishing Report


The Symantec Intelligence Report integrated report provides the
latest analysis of cyber security threats, trends and insights from
the Symantec Intelligence team




Symantec Intelligence                                                 2
July 2011 Highlights
• Spam – 77.8% in July
• Phishing – One in 319.3 emails identified as phishing
• Malware – One in 280.9 emails in July contained malware
• Malicious Web sites – 6,797 Web sites blocked per day
• 35.9% of all malicious domains blocked were new in July
• 21.1% of all Web-based malware blocked was new in July
• Aggressively unstable malware leads to a rise in sophisticated
  socially engineered attacks
• Phishers’ World in Your Cell Phone
• Large scale malware attack using URL shortening services
• Best Practices for Enterprises and Users

Symantec Intelligence                                              3
Spam Rate & Sources




                      4
Spam Attack Vectors




Symantec Intelligence   5
Top Ten Spam-Sending Botnets (relative volumes)
Since March 2011




Symantec Intelligence                             6
Most Active Spam-Sending Botnets
                                                              Spam
                        % of                                    /bot    estimated
  Botnet                spam         spam/day    spam/min      /min    botnet size   Country of Infection
  Cutwail               16.1%    9,609,745,048   6,673,434        77       800k to   India (10%), Russia (9%), Brazil (8%)
                                                                            1200k
  Xarvester             6.7%     4,002,042,186    2,779,196     455     57k to 86k    United Kingdom (18%), France (13%), Italy
                                                                                     (9%)
  Maazben               3.1%     1,872,408,382    1,300,284      14        520k to    Rep. of Korea (14%), Russia (10%), India
                                                                                     (10%)
                                                                              780k
  Lethic                3.1%     1,824,416,511    1,266,956      45        230k to   Rep. of Korea (25%), Russia (15%),
                                                                                     Ukraine (7%)
                                                                              340k
  Grum                  3.0%     1,801,605,428    1,251,115     140        200k to   Russia (14%), India (14%), Ukraine (8%)
                                                                              290k
  Bagle                 2.7%     1,599,896,533    1,111,039      58        140k to   India (15%), Russia (1%), Argentina (8%)
                                                                              200k
  Fivetoone             2.3%     1,400,401,724     972,501       98    94k to 140k    Vietnam (20%), Brazil (12%), Indonesia
                                                                                     (11%)
  Festi                 1.2%      691,992,804      480,551      166     25k to 37k    India (10%), Vietnam (10%), Brazil (9%)
  Bobax                 0.4%      254,229,254      176,548       24    80k to 120k   Ukraine (27%), India (18%), Russia (18%)
  DarkMailer            0.5%       42,575,225       29,566      351     1k to 1.5k    France (27%), USA (16%), Germany
                                                                                     (13%)
  Other, smaller        0.5%       22,277,510       15,470      321     62k to 95k
  Botnets
  Unnamed Botnets       36.9%   21,962,912,697   15,252,023     196        660k to
                                                                             990k
  Total Botnet Spam     76.6%   45,084,503,302   31,308,683     162
  Non-botnet spam       23.4%    3,411,165,479    2,368,865
  Grand Total                   48,495,668,780   33,677,548



Symantec Intelligence                                                                                                             7
Global Spam Categories
  Category Name             June 2011   July 2011

  Pharmaceutical               40.0%       47.0%

  Adult/Sex/Dating             19.0%       14.5%

  Jobs/Recruitments                 -      10.5%

  Watches/Jewelry              17.5%        7.5%

  Unsolicited Newsletters      11.5%        7.5%

  Casino/Gambling               7.0%        3.5%

  Degrees/Diplomas              1.5%        2.5%

  Unknown/Other                 2.5%        2.0%




Symantec Intelligence                               8
Spam Subject Line Analysis
                                            No.                                        No.
             Total Spam: June 2011 Top       of   Total Spam: July 2011 Top Subject     of
   Rank      Subject Lines                 Days   Lines                               Days
    1        Blank Subject line              31   drop me a line                        31
             Re: Windows 7, Office 2010,
      2                                      16   r u online now?                       16
             Adobe CS5 …
      3      im online now                   31   hi darling..                          31
      4      my new pics :)                  31   new email                             31
      5      drop me a line                  31   found you :)                          31
      6      r u online now?                 31   im online now                         31
      7      hi darling..                    31   my new pics :)                        31
      8      new email                       31   my new email                          31
      9      found you :)                    31   my hot pics :)                        31
     10      my hot pics :)                  31   I'm online now…                       31




Symantec Intelligence                                                                        9
Additional Spam Metrics
Spam URL TLD Distribution

                                             Change
TLD                         June    July
                                           (% points)
com                     53.4%      54.9%        +0.5
ru                      19.2%      10.6%         -8.6
info                    14.9%      18.3%        +3.4
net                      5.5%       6.2%        +0.7

 Average Spam Message Size

                                             Change
Message Size                June    July
                                           (% points)
0Kb – 5Kb               62.3%      65.1%        +2.8
5Kb – 10Kb              24.2%      21.2%         -3.0
>10Kb                   13.4%      13.7%        +0.3



Symantec Intelligence                                   10
Virus Rate




Symantec Intelligence   11
Generic polymorphic malware and executable
attachment malware




Symantec Intelligence                        12
Copies intercepted of each new polymorphic strain on
18 July 2011




Symantec Intelligence                                  13
Most Frequently Blocked Email Malware

   Malware Name                         % Malware

   W32/Bredolab.gen!eml                      3.9%
   Gen:Trojan.Heur.FU.bqW                    5.7%
   W32/NewMalware!836b                       2.3%
   Exploit/Link-7707                         2.2%
   Exploit/Link-48cc                         2.1%
   Exploit/LinkAliasPostcard-b11e            1.9%
   W32/Netsky.c-mm                           1.6%
   Exploit/LinkAliasPostcard-f837            1.5%
   W32/Generic-bbc5-0e41                     1.3%
   Exploit/Link-ExeSpoof                     1.2%




Symantec Intelligence                               14
Phishing Rate & Sources




                          15
Tactics of Phishing Distribution




Symantec Intelligence              16
Organizations Spoofed in Phishing Attacks, by Industry
Sector




Symantec Intelligence                                    17
New Malware and Spyware Sites Per Day




Symantec Intelligence                   18
Policy, Malware & Potentially Unwanted Programs




Symantec Intelligence                             19
Most Frequently Blocked Malware at the Endpoint
  Malware Name                                                                                                                                % Malware

  W32.Ramnit!html                                                                                                                                       9.60%
  W32.Sality.AE                                                                                                                                         8.83%
  Trojan.Bamital                                                                                                                                        8.33%
  W32.Ramnit.B!inf                                                                                                                                      7.43%
  W32.Downadup.B                                                                                                                                        3.65%
  W32.Almanahe.B!inf                                                                                                                                    2.68%
  W32.Virut.CF                                                                                                                                          2.68%
  W32.SillyFDC                                                                                                                                          2.06%
  Trojan.ADH                                                                                                                                            1.80%
  W32.Mabezat.B                                                                                                                                         1.78%


                        [1] For further information on these threats, please visit: http://www.symantec.com/business/security_response/landing/threats.jsp




Symantec Intelligence                                                                                                                                           20

More Related Content

What's hot

Igtm pre event golf survey by sports marketing survey - part I
Igtm pre event golf survey by sports marketing survey - part IIgtm pre event golf survey by sports marketing survey - part I
Igtm pre event golf survey by sports marketing survey - part IMS-Co
 
Steven Schwartz at Consumer Centric Health, Models for Change '11
Steven Schwartz at Consumer Centric Health, Models for Change '11Steven Schwartz at Consumer Centric Health, Models for Change '11
Steven Schwartz at Consumer Centric Health, Models for Change '11HealthInnoventions
 
ClickSquared Webcast: Improve your Marketing, Remove the Complexity
ClickSquared Webcast: Improve your Marketing, Remove the ComplexityClickSquared Webcast: Improve your Marketing, Remove the Complexity
ClickSquared Webcast: Improve your Marketing, Remove the ComplexityClickSquared
 
Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...
Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...
Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...Wisconsin Women's Health Foundation
 
A presentation to symbiosis institute of international business
A presentation to symbiosis institute of international businessA presentation to symbiosis institute of international business
A presentation to symbiosis institute of international businessKunal Jamuar
 
Jens Schulte-Bockum
Jens Schulte-BockumJens Schulte-Bockum
Jens Schulte-Bockumtheappeffect
 
Scaling up tb hiv integration 28_oct
Scaling up tb hiv integration 28_octScaling up tb hiv integration 28_oct
Scaling up tb hiv integration 28_octZahed Islam
 
Conneu nov2011-cloud servicesincreasingarpu
Conneu nov2011-cloud servicesincreasingarpuConneu nov2011-cloud servicesincreasingarpu
Conneu nov2011-cloud servicesincreasingarpuRob Blaauboer
 

What's hot (15)

Azerbaijanicts
AzerbaijanictsAzerbaijanicts
Azerbaijanicts
 
Mohr - Recessionary Impact on Unemployment Taxes
Mohr - Recessionary Impact on Unemployment TaxesMohr - Recessionary Impact on Unemployment Taxes
Mohr - Recessionary Impact on Unemployment Taxes
 
Igtm pre event golf survey by sports marketing survey - part I
Igtm pre event golf survey by sports marketing survey - part IIgtm pre event golf survey by sports marketing survey - part I
Igtm pre event golf survey by sports marketing survey - part I
 
Steven Schwartz at Consumer Centric Health, Models for Change '11
Steven Schwartz at Consumer Centric Health, Models for Change '11Steven Schwartz at Consumer Centric Health, Models for Change '11
Steven Schwartz at Consumer Centric Health, Models for Change '11
 
Russian mobile VAS market in 2Q2010
Russian mobile VAS market in 2Q2010Russian mobile VAS market in 2Q2010
Russian mobile VAS market in 2Q2010
 
ClickSquared Webcast: Improve your Marketing, Remove the Complexity
ClickSquared Webcast: Improve your Marketing, Remove the ComplexityClickSquared Webcast: Improve your Marketing, Remove the Complexity
ClickSquared Webcast: Improve your Marketing, Remove the Complexity
 
Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...
Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...
Assessing the Economics of Obesity and Obesity Interventions by Michael J. O'...
 
Danis lsssg
Danis lsssgDanis lsssg
Danis lsssg
 
A presentation to symbiosis institute of international business
A presentation to symbiosis institute of international businessA presentation to symbiosis institute of international business
A presentation to symbiosis institute of international business
 
Tax
TaxTax
Tax
 
314 chuck richardpresentation
314 chuck richardpresentation314 chuck richardpresentation
314 chuck richardpresentation
 
Jens Schulte-Bockum
Jens Schulte-BockumJens Schulte-Bockum
Jens Schulte-Bockum
 
BIG Call June 2012 Sneak Peek
BIG Call June 2012 Sneak PeekBIG Call June 2012 Sneak Peek
BIG Call June 2012 Sneak Peek
 
Scaling up tb hiv integration 28_oct
Scaling up tb hiv integration 28_octScaling up tb hiv integration 28_oct
Scaling up tb hiv integration 28_oct
 
Conneu nov2011-cloud servicesincreasingarpu
Conneu nov2011-cloud servicesincreasingarpuConneu nov2011-cloud servicesincreasingarpu
Conneu nov2011-cloud servicesincreasingarpu
 

Similar to Symantec Intelligence Report July 2011

2012 June Symantec Intelligence Report
2012 June Symantec Intelligence Report2012 June Symantec Intelligence Report
2012 June Symantec Intelligence ReportSymantec
 
2011 October Symantec Intelligence Report
2011 October Symantec Intelligence Report2011 October Symantec Intelligence Report
2011 October Symantec Intelligence ReportSymantec
 
Asia’s social media map and users’ online (june 2010)
Asia’s social media map and users’ online (june 2010)Asia’s social media map and users’ online (june 2010)
Asia’s social media map and users’ online (june 2010)Michael Netzley, Ph.D.
 
2012 July Symantec Intelligence Report
2012 July Symantec Intelligence Report2012 July Symantec Intelligence Report
2012 July Symantec Intelligence ReportSymantec
 
Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...
Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...
Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...Infinita Inc.
 
Adventures With Social Media [Am Cham Sg No Video]
Adventures With Social Media [Am Cham Sg No Video]Adventures With Social Media [Am Cham Sg No Video]
Adventures With Social Media [Am Cham Sg No Video]Michael Netzley, Ph.D.
 
The Great Twitter Crashcourse for the SharePoint Community
The Great Twitter Crashcourse for the SharePoint CommunityThe Great Twitter Crashcourse for the SharePoint Community
The Great Twitter Crashcourse for the SharePoint CommunityJoel Oleson
 
Mobile Email: Why, What, How
Mobile Email: Why, What, HowMobile Email: Why, What, How
Mobile Email: Why, What, HowLitmus
 
2011 September Symantec Intelligence Report
2011 September Symantec Intelligence Report2011 September Symantec Intelligence Report
2011 September Symantec Intelligence ReportSymantec
 
SSP Fall Meeting Mobile Gunter Nov 2011
SSP  Fall Meeting Mobile Gunter Nov 2011SSP  Fall Meeting Mobile Gunter Nov 2011
SSP Fall Meeting Mobile Gunter Nov 2011Darrell W. Gunter
 
Android data insight report Q2 2011
Android data insight report Q2 2011Android data insight report Q2 2011
Android data insight report Q2 2011Umeng
 
more feedback for the creation
more feedback for the creationmore feedback for the creation
more feedback for the creationkudakurage
 
2016 05 19 digimeter 2015 vrt st
2016 05 19 digimeter 2015   vrt st2016 05 19 digimeter 2015   vrt st
2016 05 19 digimeter 2015 vrt stCookies Club
 
2012 February Symantec Intelligence Report
2012 February Symantec Intelligence Report2012 February Symantec Intelligence Report
2012 February Symantec Intelligence ReportSymantec
 
Mapping IUSTI presentation Sri Lanka
Mapping IUSTI presentation Sri LankaMapping IUSTI presentation Sri Lanka
Mapping IUSTI presentation Sri LankaDr Ajith Karawita
 
Device Fragmentation 2011 / Metrics of the Mobile Web
Device Fragmentation 2011 / Metrics of the Mobile WebDevice Fragmentation 2011 / Metrics of the Mobile Web
Device Fragmentation 2011 / Metrics of the Mobile WebAvenga Germany GmbH
 

Similar to Symantec Intelligence Report July 2011 (20)

2012 June Symantec Intelligence Report
2012 June Symantec Intelligence Report2012 June Symantec Intelligence Report
2012 June Symantec Intelligence Report
 
2011 October Symantec Intelligence Report
2011 October Symantec Intelligence Report2011 October Symantec Intelligence Report
2011 October Symantec Intelligence Report
 
Asia’s social media map and users’ online (june 2010)
Asia’s social media map and users’ online (june 2010)Asia’s social media map and users’ online (june 2010)
Asia’s social media map and users’ online (june 2010)
 
2012 July Symantec Intelligence Report
2012 July Symantec Intelligence Report2012 July Symantec Intelligence Report
2012 July Symantec Intelligence Report
 
Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...
Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...
Harnessing Mobile Marketing To Connect With Today's Youth - How Youth Brands ...
 
Adventures With Social Media [Am Cham Sg No Video]
Adventures With Social Media [Am Cham Sg No Video]Adventures With Social Media [Am Cham Sg No Video]
Adventures With Social Media [Am Cham Sg No Video]
 
The Great Twitter Crashcourse for the SharePoint Community
The Great Twitter Crashcourse for the SharePoint CommunityThe Great Twitter Crashcourse for the SharePoint Community
The Great Twitter Crashcourse for the SharePoint Community
 
Pan Asian Challenge
Pan Asian ChallengePan Asian Challenge
Pan Asian Challenge
 
Mobile Email: Why, What, How
Mobile Email: Why, What, HowMobile Email: Why, What, How
Mobile Email: Why, What, How
 
2011 September Symantec Intelligence Report
2011 September Symantec Intelligence Report2011 September Symantec Intelligence Report
2011 September Symantec Intelligence Report
 
UBS Ad:Tech 2009
UBS Ad:Tech 2009UBS Ad:Tech 2009
UBS Ad:Tech 2009
 
Dr. gert vilhelm balling
Dr. gert vilhelm ballingDr. gert vilhelm balling
Dr. gert vilhelm balling
 
SSP Fall Meeting Mobile Gunter Nov 2011
SSP  Fall Meeting Mobile Gunter Nov 2011SSP  Fall Meeting Mobile Gunter Nov 2011
SSP Fall Meeting Mobile Gunter Nov 2011
 
Android data insight report Q2 2011
Android data insight report Q2 2011Android data insight report Q2 2011
Android data insight report Q2 2011
 
more feedback for the creation
more feedback for the creationmore feedback for the creation
more feedback for the creation
 
2016 05 19 digimeter 2015 vrt st
2016 05 19 digimeter 2015   vrt st2016 05 19 digimeter 2015   vrt st
2016 05 19 digimeter 2015 vrt st
 
2012 February Symantec Intelligence Report
2012 February Symantec Intelligence Report2012 February Symantec Intelligence Report
2012 February Symantec Intelligence Report
 
Mapping IUSTI presentation Sri Lanka
Mapping IUSTI presentation Sri LankaMapping IUSTI presentation Sri Lanka
Mapping IUSTI presentation Sri Lanka
 
Mapping of MARPs, Sri Lanka
Mapping of MARPs, Sri LankaMapping of MARPs, Sri Lanka
Mapping of MARPs, Sri Lanka
 
Device Fragmentation 2011 / Metrics of the Mobile Web
Device Fragmentation 2011 / Metrics of the Mobile WebDevice Fragmentation 2011 / Metrics of the Mobile Web
Device Fragmentation 2011 / Metrics of the Mobile Web
 

More from Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

More from Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Recently uploaded

NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIUdaiappa Ramachandran
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.francesco barbera
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 

Recently uploaded (20)

NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
RAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AIRAG Patterns and Vector Search in Generative AI
RAG Patterns and Vector Search in Generative AI
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.Digital magic. A small project for controlling smart light bulbs.
Digital magic. A small project for controlling smart light bulbs.
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 

Symantec Intelligence Report July 2011

  • 1. Symantec Intelligence Report July 2011 Symantec Intelligence 1
  • 2. New: The Symantec Intelligence Report The new Symantec Intelligence Report combines the best research and analysis from Symantec: • Symantec.cloud MessageLabs Intelligence Report • Symantec State of Spam & Phishing Report The Symantec Intelligence Report integrated report provides the latest analysis of cyber security threats, trends and insights from the Symantec Intelligence team Symantec Intelligence 2
  • 3. July 2011 Highlights • Spam – 77.8% in July • Phishing – One in 319.3 emails identified as phishing • Malware – One in 280.9 emails in July contained malware • Malicious Web sites – 6,797 Web sites blocked per day • 35.9% of all malicious domains blocked were new in July • 21.1% of all Web-based malware blocked was new in July • Aggressively unstable malware leads to a rise in sophisticated socially engineered attacks • Phishers’ World in Your Cell Phone • Large scale malware attack using URL shortening services • Best Practices for Enterprises and Users Symantec Intelligence 3
  • 4. Spam Rate & Sources 4
  • 6. Top Ten Spam-Sending Botnets (relative volumes) Since March 2011 Symantec Intelligence 6
  • 7. Most Active Spam-Sending Botnets Spam % of /bot estimated Botnet spam spam/day spam/min /min botnet size Country of Infection Cutwail 16.1% 9,609,745,048 6,673,434 77 800k to India (10%), Russia (9%), Brazil (8%) 1200k Xarvester 6.7% 4,002,042,186 2,779,196 455 57k to 86k United Kingdom (18%), France (13%), Italy (9%) Maazben 3.1% 1,872,408,382 1,300,284 14 520k to Rep. of Korea (14%), Russia (10%), India (10%) 780k Lethic 3.1% 1,824,416,511 1,266,956 45 230k to Rep. of Korea (25%), Russia (15%), Ukraine (7%) 340k Grum 3.0% 1,801,605,428 1,251,115 140 200k to Russia (14%), India (14%), Ukraine (8%) 290k Bagle 2.7% 1,599,896,533 1,111,039 58 140k to India (15%), Russia (1%), Argentina (8%) 200k Fivetoone 2.3% 1,400,401,724 972,501 98 94k to 140k Vietnam (20%), Brazil (12%), Indonesia (11%) Festi 1.2% 691,992,804 480,551 166 25k to 37k India (10%), Vietnam (10%), Brazil (9%) Bobax 0.4% 254,229,254 176,548 24 80k to 120k Ukraine (27%), India (18%), Russia (18%) DarkMailer 0.5% 42,575,225 29,566 351 1k to 1.5k France (27%), USA (16%), Germany (13%) Other, smaller 0.5% 22,277,510 15,470 321 62k to 95k Botnets Unnamed Botnets 36.9% 21,962,912,697 15,252,023 196 660k to 990k Total Botnet Spam 76.6% 45,084,503,302 31,308,683 162 Non-botnet spam 23.4% 3,411,165,479 2,368,865 Grand Total 48,495,668,780 33,677,548 Symantec Intelligence 7
  • 8. Global Spam Categories Category Name June 2011 July 2011 Pharmaceutical 40.0% 47.0% Adult/Sex/Dating 19.0% 14.5% Jobs/Recruitments - 10.5% Watches/Jewelry 17.5% 7.5% Unsolicited Newsletters 11.5% 7.5% Casino/Gambling 7.0% 3.5% Degrees/Diplomas 1.5% 2.5% Unknown/Other 2.5% 2.0% Symantec Intelligence 8
  • 9. Spam Subject Line Analysis No. No. Total Spam: June 2011 Top of Total Spam: July 2011 Top Subject of Rank Subject Lines Days Lines Days 1 Blank Subject line 31 drop me a line 31 Re: Windows 7, Office 2010, 2 16 r u online now? 16 Adobe CS5 … 3 im online now 31 hi darling.. 31 4 my new pics :) 31 new email 31 5 drop me a line 31 found you :) 31 6 r u online now? 31 im online now 31 7 hi darling.. 31 my new pics :) 31 8 new email 31 my new email 31 9 found you :) 31 my hot pics :) 31 10 my hot pics :) 31 I'm online now… 31 Symantec Intelligence 9
  • 10. Additional Spam Metrics Spam URL TLD Distribution Change TLD June July (% points) com 53.4% 54.9% +0.5 ru 19.2% 10.6% -8.6 info 14.9% 18.3% +3.4 net 5.5% 6.2% +0.7 Average Spam Message Size Change Message Size June July (% points) 0Kb – 5Kb 62.3% 65.1% +2.8 5Kb – 10Kb 24.2% 21.2% -3.0 >10Kb 13.4% 13.7% +0.3 Symantec Intelligence 10
  • 12. Generic polymorphic malware and executable attachment malware Symantec Intelligence 12
  • 13. Copies intercepted of each new polymorphic strain on 18 July 2011 Symantec Intelligence 13
  • 14. Most Frequently Blocked Email Malware Malware Name % Malware W32/Bredolab.gen!eml 3.9% Gen:Trojan.Heur.FU.bqW 5.7% W32/NewMalware!836b 2.3% Exploit/Link-7707 2.2% Exploit/Link-48cc 2.1% Exploit/LinkAliasPostcard-b11e 1.9% W32/Netsky.c-mm 1.6% Exploit/LinkAliasPostcard-f837 1.5% W32/Generic-bbc5-0e41 1.3% Exploit/Link-ExeSpoof 1.2% Symantec Intelligence 14
  • 15. Phishing Rate & Sources 15
  • 16. Tactics of Phishing Distribution Symantec Intelligence 16
  • 17. Organizations Spoofed in Phishing Attacks, by Industry Sector Symantec Intelligence 17
  • 18. New Malware and Spyware Sites Per Day Symantec Intelligence 18
  • 19. Policy, Malware & Potentially Unwanted Programs Symantec Intelligence 19
  • 20. Most Frequently Blocked Malware at the Endpoint Malware Name % Malware W32.Ramnit!html 9.60% W32.Sality.AE 8.83% Trojan.Bamital 8.33% W32.Ramnit.B!inf 7.43% W32.Downadup.B 3.65% W32.Almanahe.B!inf 2.68% W32.Virut.CF 2.68% W32.SillyFDC 2.06% Trojan.ADH 1.80% W32.Mabezat.B 1.78% [1] For further information on these threats, please visit: http://www.symantec.com/business/security_response/landing/threats.jsp Symantec Intelligence 20