Commtouch Reports: "Happy New Year!" Virus Ends 2006 with a Blast.Massive Multi-Variant Malware Signals a Challenging 2007 for Traditional Anti-Virus Solutions MOUNTAIN VIEW, Calif. -- Spraying across the Internet in celebratory viral "confetti," the email-borne "Happy New Year!" malware outbreak circumvents many leading signature-based AV solutions, Commtouch (Nasdaq: CTCH CTCH Common Traffic Channel ) reported. The 'Happy New Year!' malware attack - which is still in progress - is the most intensive outbreak of 2006, since it is comprised of a staggering number of distinct, low-volume variants, which were released from multiple sources simultaneously, and at short time intervals. "This outbreak ushered out 2006 with a bang, while loudly forewarning the nature of viral outbreaks in 2007," said Haggai Carmon, Commtouch Vice President of Products. "During 2006, a growing number of massive server-side polymorphic polymorphic - polymorphism outbreaks swarmed the Internet and successfully maintained a sizable siz·a·ble also size·a·ble adj. Of considerable size; fairly large. siz  a·ble·ness n. lead of several hours to weeks ahead of traditional signature-based solutions. Examples of these include Feebs, Stration/Warezov and of course the 'Happy New Year!' malware to name just a few. What makes them so unique," Carmon continued, "is that they are released in a large number of distinct and short-lived variants, making it impossible to generate one signature or heuristic rule Noun 1. heuristic rule - a commonsense rule (or set of rules) intended to increase the probability of solving some problemheuristic, heuristic program to effectively protect against them. In this way, malware writers maximize their chances of infecting the largest number of machines." Commtouch identified and blocked 3,262 distinct variants during the first 65 hours of 'Happy New Year!' malware activity, and there were at least three time periods on Friday, December 29, when the malware accounted for nearly 12% of all global Internet email traffic. On Friday Commtouch tracked 842 distinct variants that were released to the Internet during a single five-minute period. "We expect this trend to continue to grow in 2007, since server-side polymorphic outbreaks have become the most effective method to infiltrate infiltrate /in·fil·trate/ (in-fil´trat) 1. to penetrate the interstices of a tissue or substance. 2. the material or solution so deposited. in·fil·trate v. 1. through existing defenses," Haggai Carmon summarized. "Events like the New Year's holiday force virus writers to concentrate their massive outbreaks in a short period of time. Other outbreaks like the Stration/Warezov attack can afford to stretch on for months, releasing recurrent waves of mass-variants each time." The malware has been sent from multiple sources in a format that appears to be a New Year's greeting, in order to entice users to open and click on the attachment. Subject lines of the messages include: "Happy New Year!" and "Happy 2007!" and sample attachment filenames are: postcard.txt, postcard.exe, or greeting card.txt. If a user opens the attached file, the malware attempts to shut down the PC's security programs, scans for e-mail addresses See Internet address. e-mail address - electronic mail address to send out copies of itself, and installs various malicious Involving malice; characterized by wicked or mischievous motives or intentions. An act done maliciously is one that is wrongful and performed willfully or intentionally, and without legal justification. DESERTION, MALICIOUS. programs that, among other things, turns the computer into a spam zombie See zombie. . Commtouch Zero-Hour[TM] Virus Outbreak Protection detects and blocks email-borne outbreaks like the "Happy New Year" malware within moments of their release, powered by its Recurrent Pattern Detection[TM] technology. Commtouch's service is offered to messaging, security and anti-virus vendors for OEM (Original Equipment Manufacturer) The rebranding of equipment and selling it. The term initially referred to the company that made the products (the "original" manufacturer), but eventually became widely used to refer to the organization that buys the products and integration as a complementary outbreak detection solution. About Commtouch Commtouch Software Ltd. (NASDAQ: CTCH) is dedicated to protecting and preserving the integrity of the world's most important communications tool -- e-mail. Commtouch has over 15 years of experience developing messaging software and is a global developer and provider of proprietary anti-spam and Zero-Hour virus protection solutions. Using core technologies including RPD RPD Rapid RPD Radiation Protection Dosimetry RPD Rapid Product Development RPD Rochester Police Department RPD Recurrent Pattern Detection (Commtouch anti-spam engine) RPD Relative Percent Difference RPD Removable Partial Denture (Recurrent Pattern Detection[TM]), the Commtouch Detection Center analyzes billions of email messages per month to identify new spam E-mail that is not requested. Also known as "unsolicited commercial e-mail" (UCE), "unsolicited bulk e-mail" (UBE), "gray mail" and just plain "junk mail," the term is both a noun (the e-mail message) and a verb (to send it). and malware outbreaks within minutes of their introduction into the Internet. Integrated by more than 50 OEM partners, Commtouch technology protects thousands of organizations, with over 50 million users in over 100 countries. Commtouch is headquartered in Netanya, Israel, and has a subsidiary in Mountain View, Calif. For more information, see: www.commtouch.com. The site includes the Commtouch online lab detailing spam statistics and charts. This press release contains forward-looking statements forward-looking statement A projected financial statement based on management expectations. A forward-looking statement involves risks with regard to the accuracy of assumptions underlying the projections. , including projections about Commtouch business, within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. For example, statements in the future tense future tense n. A verb tense expressing future time. Noun 1. future tense - a verb tense that expresses actions or states in the future future , and statements including words such as "expect," "plan," "estimate," "anticipate," or "believe" are forward-looking statements. These statements are based on information available to us at the time of the release; we assume no obligation to update any of them. The statements in this release are not guarantees of future performance and actual results could differ materially from our current expectations as a result of numerous factors, including business conditions and growth or deterioration de·te·ri·o·ra·tion n. The process or condition of becoming worse. in the Internet market, commerce and the general economy, both domestic as well as international; fewer than expected new-partner relationships; competitive factors, including pricing pressures; technological developments, and products offered by competitors; the ability of our OEM partners to successfully penetrate markets with products integrated with Commtouch technology; a slower than expected acceptance rate for our newer product offerings; availability of qualified staff for expansion; and technological difficulties and resource constraints CONSTRAINTS - A language for solving constraints using value inference. ["CONSTRAINTS: A Language for Expressing Almost-Hierarchical Descriptions", G.J. Sussman et al, Artif Intell 14(1):1-39 (Aug 1980)]. encountered in developing new products, as well as those risks described in the text of this press release and the company's Annual Reports on Form 20-F and reports on Form 6-K, which are available through www.sec.gov. Recurrent Pattern Detection, RPD and Zero-Hour are trademarks, and Commtouch is a registered trademark, of Commtouch Software Ltd. U.S. Patent No. 6,330,590 is owned by Commtouch. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion