In March Kaspersky Lab products blocked 241 mln network attacks and prevented 85.8 million attempted web-borne infections, detected and neutralized 219.8 million malicious programs and registered 96.7 million heuristic verdicts.
Cybercriminals obviously have a soft spot for Java exploits – of the five exploits to appear in the Top 20 malicious programs on the Internet in March, three of them were for vulnerabilities in Java.
Malware writers are also surprisingly quick to react to announcements of new vulnerabilities. A good example of this is a vulnerability in Adobe Flash Player that allowed cybercriminals to gain control of a user’s computer. The vulnerability was announced by Adobe on 14 March and by the next day Kaspersky Lab had already detected an exploit for it.
Social engineering also remains a popular tool for the cybercriminals, who have no qualms about exploiting tragic events for their own benefit. The Japanese earthquake and tsunami, plus the death of Elizabeth Taylor, did nothing to buck this trend. Scammers and malware writers spread malicious links to their own versions of the “latest news”, created malicious websites with content connected in some way to the disaster in Japan and sent out ‘Nigerian’ letters making emotional requests for money to be transferred to the message sender in order to help those who have suffered.
The malevolent users behind HTML pages that are used in scams or to spread malware are constantly coming up with new ways to hide their creations from antivirus programs. In February cybercriminals were using Cascading Style Sheets (CSS) to protect scripts from being detected. Now, instead of CSS, they are using