CYREN (NASDAQ:CYRN)
Historical Stock Chart
From Jul 2019 to Jul 2024
![Click Here for more CYREN Charts. Click Here for more CYREN Charts.](/p.php?pid=staticchart&s=N%5ECYRN&p=8&t=15)
Throughout the first quarter of 2007, server-side polymorphic malware
exploded across email, exploiting the well known zero-hour vulnerability
of traditional anti-virus solutions. The Q1 2007: Malware Outbreak
Trends, released today by Commtouch (NASDAQ:CTCH), shows how malware
writers are using speed, variation and social engineering techniques to
mass-distribute their malicious code across the Internet.
“The server-side polymorphic distribution
pattern has proven a ‘success’
for malware writers. This method is so adept at evading anti-virus
defenses, that it is now being adopted on a large scale,”
said Haggai Carmon, Commtouch vice president of products. “By
creating a massive number of distinct variants and releasing them in
short, intense bursts, virus writers are able to release new variants so
quickly that signatures or heuristics cannot be created quickly enough
to protect against them all.” During a peak
early in the quarter, the Storm/Nuwar malware released over 7,000 such
variants in a single day.
Another growing tactic is the increasing utilization of social
engineering techniques developed by spammers to help spam slip past
email users’ defenses. Malware writers
recently began adopting these methods on a large scale to help lure
users to open messages and click on attachments. The Storm/Nuwar
outbreak in mid-January used tabloid-style email Subjects like “230
dead as storm batters Europe,” “First
nuclear act of terrorism!” and “a
bouquet of love” to entice readers. In
February the Tibs/Zhelatin email-borne malware disguised itself as a
friendly Valentine’s Day greeting, coupling
affectionate Subject line greetings with docile sounding file names.
Sample subject strings:
5 reasons i love you
a song to you
Sample file names:
flash postcard.exe
greeting card.exe
The Nurech malware tries to fool its victims by adding benign sounding
file signatures such as ‘.doc’,
‘.jpg’ and ‘.pdf’
before the ‘.exe’.
Sample malware file names:
rechnung-single.de.doc.exe
rechnung-singles.jpg.exe
telekom.pdf.exe
“Once focused on searching for
vulnerabilities in computer applications, virus writers are now
exploiting the vulnerability of the anti-virus solutions themselves -
the zero-hour,” explains Carmon. “This
new breed of threats is making every hour of an attack a revolving
zero-hour, and even the AV solutions need virus protection.”
Commtouch Zero-Hour™ Virus Outbreak
Protection detects and blocks email-borne outbreaks, including
server-side polymorphic malware within moments of their release on the
Internet. Powered by its Recurrent Pattern Detection™
technology, Commtouch’s Zero-Hour service is
offered to messaging, security and anti-virus vendors for OEM
integration as a complementary outbreak detection solution.
To access the Q1 2007 Malware Outbreak Trends report, click http://www.commtouch.com/documents/Commtouch_2007_Q1_Malware_Trends.pd
f (Due to its length, this URL may need to be copied/pasted into
your Internet browser's address field. Remove the extra space if one
exists.)
About Commtouch
Commtouch Software Ltd. (Nasdaq:CTCH) is dedicated to protecting and
preserving the integrity of the world's most important communications
tool -- email. Commtouch has over 16 years of experience developing
messaging software and is a global developer and provider of proprietary
anti-spam, Zero-Hour virus protection and Reputation Service solutions.
Using core technologies including RPD™
(Recurrent Pattern Detection), the Commtouch Detection Center analyzes
billions of email messages per month to identify new spam and malware
outbreaks within minutes of their introduction into the Internet.
Integrated by scores of OEM partners, Commtouch technology protects
thousands of organizations, with over 50 million users in over 100
countries. Commtouch is headquartered in Netanya, Israel, and has a
subsidiary in Sunnyvale, CA. For more information, see: www.commtouch.com,
including the Commtouch online lab detailing spam statistics and charts.