Fortinet Announces February'09 Threatscape Report

A Super Worm, An Emerging Botnet, A Sexy Mobile Threat Top February Trends

SUNNYVALE, Calif., Mar. 5, 2009 - Fortinet® - a market-leading network security provider and worldwide leader of unified threat management (UTM) solutions - today announced its February 2009 Threatscape report, which shows activities by a super worm, an emerging botnet, a sexy mobile threat and a steady uptick in spam, featuring Valentine's- and economy-related themes. Additional insights about this month's trends are noted below:

  • Exploits in high volume, but a little less active: most notable was a three-fold increase in the number of vulnerabilities; however, the active exploit rate was down to 25.6 percent from 30.2 percent last month. Conficker, the latest super worm to spread around the Internet, is still running strong. Fortinet systems showed exploitation of the well-known MS08-067 vulnerability, displaying the highest recorded activity to date on February 14th, 2009. As of this writing, volume levels are still quite high.
  • Malware stable and steady: activity level remains similar to last month with no new variants introduced in the Top 10 for two consecutive months. Waledac, a relatively new botnet in town, went on a long run using a Valentine's Day campaign to dupe users into downloading a malicious executable which was a copy of the Waledac Trojan. The campaign used a variety of domain/subdomain names, safe-haven registrars and fast flux. As of this writing, the campaign is still alive but is using a different theme dubbed as the Couponizer. The U.S. was the top recipient of malware activity regionally, with 51.07% of worldwide activity. Japan (42.11%), China (22.26%), India (21.62%) and Canada (19.91%) made up the rest of the top 5 regions.
  • Mobile threats taking shape: after new variants of Flocker surfaced in January, targeting accounts with Indonesian operators, Fortinet reported on Yxes.A in February -- the latest SymbianOS threat -- aka "Sexy View." While mobile threats are certainly low profile in terms of prevalence (compared to non-mobile threats), this is an area to monitor with the growing adoption of 3G networks and the increased use of handheld devices. The biggest threat posed by SymbOS/Yxes.A is its ground-breaking propagation function; with the capability to spread through SMS by providing malicious URLs, a bridge is created from mobile telecommunications to the Internet. In turn, this opens up a range of possibilities, effectively allowing the authors more control over their creation. With more control and functionality added, Yxes.A indicates that we may not be far away from a mobile botnet.
  • Spam levels remained consistent: spam rates in February peaked at 55 percent of the global email rate, inching back up from a sharp decrease late 2008, due largely to the McColo take-down in November 2008. Cyber criminals could not let Valentine's Day pass without the requisite eCard spam campaign (courtesy of Waledac this year). In addition, phishing and scam emails are as popular as ever in play with the economic crisis, as Fortinet's spam traps harvested loan and job scams showing up in localized languages to various regions. Highest spam rates by region are as follows: U.S. (22.16%), Japan (10.69%), Taiwan (10.63%), Italy (7.35%) and Canada (5.30%).

"The economy will likely remain a strong theme in upcoming months as cyber criminals tap into fear-mongering tactics to take advantage of the global economic downturn; in the criminal underworld, both online and off, illegitimate jobs are created as legitimate ones are eliminated," said Derek Manky, project manager, cyber security and threat research, Fortinet. "Mobile threats are also likely to be a recurring theme. We are just starting to see the tip of the iceberg in this threat vector with the latest SymbianOS threat, Sexy View, but we predict much more to come as criminals redirect their focus with the growth of mobile platforms, applications and broader bandwidth."

The Fortinet FortiGuard® Global Security Research team compiled threat statistics and trends for February based on data collected from FortiGate® network security appliances and intelligence systems in production worldwide. Customers who use Fortinet's FortiGuard Subscription Services should already be protected against the threats outlined in this report.

To read the full February Threatscape report, which includes the top threat rankings in each category, please visit: http://www.fortiguardcenter.com/reports/roundup_feb_2009.html. For ongoing threat research, bookmark the FortiGuard Center (http://www.fortiguardcenter.com/) or add it to your RSS feed by going to http://www.fortinet.com/FortiGuardCenter/rss/index.html. Additional discussion on security technologies and threat analysis can be found at the FortiGuard Blog at http://blog.fortinet.com. To learn more about FortiGuard Subscription Services, visit http://www.fortinet.com/products/fortiguard.html.

FortiGuard Subscription Services offer broad security solutions including antivirus, intrusion prevention, Web content filtering and anti-spam capabilities. These services help enable protection against threats on both application and network layers. FortiGuard Services are updated by the FortiGuard Global Security Research Team, which enables Fortinet to deliver a combination of multi-layered security intelligence and zero-day protection from new and emerging threats. For customers with a subscription to FortiGuard, these updates are delivered to all FortiGate®, FortiMail™ and FortiClient™ products.

About Fortinet (www.fortinet.com)

Fortinet is a leading provider of network security appliances and the market leader in Unified Threat Management or UTM. Fortinet solutions were built from the ground up to integrate multiple levels of security protection -- including firewall, VPN, antivirus, intrusion prevention, Web content filtering, spyware prevention and antispam -- designed to help customers protect against network and content level threats. Leveraging a custom ASIC and unified interface, Fortinet solutions offer advanced security functionality that scales from remote office to chassis-based solutions with integrated management and reporting. Fortinet solutions have won multiple awards around the world and are the only security products that are certified in five programs by ICSA Labs: Firewall, Antivirus, IPSec VPN, Network IPS and Antispam. Fortinet is based in Sunnyvale, California.

Copyright © 2009 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates, including, but not limited to, the following trademarks: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, and FortiDB. Other trademarks belong to their respective owners. Fortinet has not independently verified statements above attributed to other parties, and Fortinet does not endorse any such statements.
