PR releases

Secure Computing Warns: iPhone Release Immediately Followed By New Web-Borne Malware Threat

by Staff Writer | posted on 02 July 2007

SAN JOSE, Calif., July 1, 2007 /PRNewswire-FirstCall via COMTEX News Network/ -- Secure Computing Corporation (Nasdaq: SCUR), a leading enterprise gateway security company, today warned that email spam, indicating that the recipient has won a new iPhone, is directing users to a malware hosting website.

Secure Computing has discovered a website that is attempting to exploit over 10 Active X vulnerabilities in its efforts to install a malicious payload including the MSODataSourceControl vulnerability that Secure Computing warned users about only 2 weeks ago. The website is tracking visitors on the site and then redirecting repeat visitors to a different, clean webpage in efforts to thwart security researchers as well as using XOR encryption to obfuscate the attack.

"This yet again confirms the expanding trend in web-borne malware," said Paul Henry, vice president of technology evangelism for Secure Computing. "This threat is particularly insidious in that scripts within the HTML code returned to the user contain exploit code for multiple vulnerabilities to improve the malicious hacker's chances of gaining the necessary access to install the rootkit /spam bot malware. While most organizations fully inspect the traffic directed to their Internet facing web servers, many do not inspect the traffic that is returned to their internal users when visiting Internet web sites."

The initial activity of the rootkit/spam bot malware is to incorporate the compromised PC into a spam sending botnet. Because the malware is rootkit- based, it would be a simple matter for the malicious hacker to at any time update the malware to include other nefarious tasks, such as key logging on the compromised PC to capture the user's financial credentials for use in ID theft.

Viruses, worms, Trojans and other malware have traditionally been distributed over email with further propagation through each compromised users' email address books and made to look like messages coming from them. "With this threat, we again see the addition of a web attack component to traditional email-based malware," said Henry. "Secure Computing has recently seen other evidence of web-borne malware propagating through the use of fake video-hosting sites and fake greeting card messages."

"Because of the popularity of the iPhone brand this is the first in what's bound to be a series of scams involving the iPhone," added Henry.

Customers using Secure Computing's Webwasher(R), the industry's first and only reputation-based Web gateway security solution, are protected against this. Webwasher protects enterprises from spyware, phishing, malware, data leakage, and Internet misuse, while ensuring policy enforcement, regulatory compliance, and a productive application environment. It incorporates global intelligence from the company's industry-leading reputation system, TrustedSource(TM), which provides source-based reputation scores for web page content, messages, attachments and images. Webwasher employs the most sophisticated behavioral and signature-based techniques for stopping malware, as well as patented content analysis software for stopping data leakage.

About Secure Computing:

Secure Computing (Nasdaq: SCUR), a leading provider of enterprise gateway security, delivers a comprehensive set of solutions that help customers protect their critical Web, email and network assets. Over half the Fortune 50 and Fortune 500 are part of our more than 20,000 global customers in 106 countries, supported by a worldwide network of more than 2,300 partners. The company is headquartered in San Jose, Calif., and has offices worldwide. For more information, see http://www.securecomputing.com

This press release contains forward-looking statements relating to the Secure Computing's timely identification of security threats and its ability to protect against such threats, and such statements involve a number of risks and uncertainties. Among the important factors that could cause actual results to differ materially from those indicated by such forward-looking statements are delays in product development, undetected software errors or bugs, competitive pressures, technical difficulties, changes in customer requirements, general economic conditions and the risk factors detailed from time to time in Secure Computing's periodic reports and registration statements filed with the Securities and Exchange Commission.

Technorati tags:   
The Official Line - You can discuss this article on our discussion board.

Related Articles

  • [in News]
    "Don't lose sleep over phlooding" warns AirMagnet, after inventing this new WiFi threat[more...]
  • [in News]
    Intel may have to bring forward its high-speed Centrino release date to avoid new hacking trick[more...]
  • [in PR releases]
    Skype extends leadership position with new must-have release[more...]
  • [in PR releases]
    Continuous Computing® Launches New Trillium®+plus Product Line[more...]
  • [in Comment]
    Hot new security threat! - technology breakthrough turns industry upside down...[more...]
  • [in PR releases]
    New Highly Secure Wireless Network Capable of Delivering Multimedia Content to Mobile and Fixed Security Devices[more...]