SOURCE: M86 Security

July 14, 2010 07:00 ET

Latest M86 Security Labs Report Details New Ways Cybercriminals Are Thwarting Security

As Existing Attacks Become Less Effective, M86 Security Researchers Note an Increase in Combined Attacks Which Are More Difficult to Detect

ORANGE, CA--(Marketwire - July 14, 2010) - M86 Security, the global expert in real-time Web and email threat protection, today unveiled its latest Security Labs Report which details the emergence of combined attacks that leverage Adobe's ActionScript and JavaScript languages to thwart most of the new, proactive detection mechanisms.

The bi-annual report, the latest from M86 Security which covers the first half of 2010, highlights the evolution of obfuscation through combined attacks. This threat trend is the latest to emerge as cybercriminals seek new ways to limit the effectiveness of many proactive security controls. Because existing techniques for "covering their tracks" are becoming less effective, cybercriminals have begun using combined attacks, which are more complex and difficult to detect. By splitting the malicious code between the Adobe ActionScript language -- built into Adobe Flash -- and JavaScript components on the webpage, they limit the effectiveness of many of the proactive security detection mechanisms in place today.

The report also covers another very concerning development: the automated, widespread infection of legitimate websites by the returning Asprox botnet. In June, M86 Security Labs found more than 10,000 ASP sites had been infected by the Asprox Spambot over a period of only three days. An interesting factor of the attack was that the botnet used a Google search term to seek out additional vulnerable ASP sites. The bot not only spams, but also launches the SQL injection attack used to inject the target websites.

"Traditional methods such as spambots and dynamic code obfuscation are still very much in use. However, the first half of 2010 has also seen the emergence of new advanced methods as seen in the new combined attacks. Cybercriminals continue to try and outsmart even the latest Internet security protection mechanisms," said Bradley Anstis, vice president of technology strategy, M86 Security. "M86's latest Security Labs Report documents these and other emerging threats so that security professionals can improve and increase their precautions within their organizations. We offer a range of precautions and recommendations outlined in the latest Security Labs Report to help combat these threats."

Spam Remains a Significant Threat
Whether targeting vulnerabilities in Adobe Reader/Acrobat through infected PDF files or themed campaigns exploiting the public's high level of interest in the World Cup by sending out malicious HTML emails and blended email attacks, malicious spam continues to evolve. Even with successful takedowns of rogue ISPs, the global spam volume continues to increase, marching on unhindered by these efforts, indicating that this beast cannot simply be contained without going after its head: affiliate programs. These programs are set up by dubious online retailers who use botnet operators -- or herders -- to drive sales to their websites via spam campaigns. These herders are then paid a commission on any sales made as a direct result of these campaigns.

The new M86 Security Labs Report notes that two of the top three spambots M86 tracks utilize just one affiliate program, Canadian Pharmacy, which remains the most popular because it is the most lucrative. Pharmacy-related spam accounted for 80.7% of all spam in the first half of 2010 and Canadian Pharmacy was responsible for 67% of that spam.

To download the full M86 Security Labs Report, please go to http://m86.it/srfh10.

About M86 Security Labs
M86 Security Labs is a group of security analysts specializing in email and Web threats, from spam to malware. They continuously monitor and respond to Internet security threats. The Security Labs' primary purpose is to provide a value-added service to M86 customers as part of product maintenance and support. This service includes frequent updates to M86's unique, proprietary anti-spam technology, SpamCensor, as well as Web threat and vulnerability updates to the M86 Secure Web Gateway products. The updates allow M86 customers to proactively detect and block new and emerging exploits, threats and malware.

Data and analysis from M86 Security Labs is continuously updated and always accessible online at http://www.m86security.com/labs and on Twitter at http://twitter.com/m86labs

About M86 Security
M86 Security is the global expert in real-time threat protection and the industry's leading Secure Web Gateway provider. The company's appliance, software, and Software as a Service (SaaS) solutions for Web and email security protect more than 24,000 customers and over 17 million users worldwide. M86 products use patented real-time code analysis and behavior-based malware detection technologies as well as threat intelligence from M86 Security Labs to protect networks against new and advanced threats, secure confidential information, and ensure regulatory compliance. The company is based in Orange, California with international headquarters in London and development centers in California, Israel, and New Zealand. For more information about M86 Security, please visit: www.m86security.com.

Follow M86 Security on Twitter at: http://twitter.com/M86Security
Facebook at: http://www.facebook.com/M86Sec
M86 Security Labs Blog at: http://www.m86security.com/labs/traceblog.asp

Contact Information

  • Media Contacts:

    Activa PR
    Jan Wiedrick-Kozlowski
    585.392.7878