
Malware Report

July 20, 2012 12:00 AM - July 20, 2012 10:40 AM


Generated by Check Point SmartEvent, on July 20, 2012 10:40 AM

Protected Hosts

- Infected Hosts By Infection Duration: Less than a Day, 3 Hosts
- Top Malware By Number of Hosts: Operator.JitteryPictur..., 3 Hosts
- Hosts Involved in Malicious Activity: 3 Hosts
- Detected Malware: 1

Incidents between Jul 20 to Jul 20

- 5 Incidents
- Prevented: 5
- Detected: 0
- Total Sent: 0B
- Total Received: 0B

[Chart: Communication with C&C. Legend: Prevent; Detect (Policy can be modified to prevent more or all incident types)]

[Chart: incidents over time, Fri 05:30 to Fri 09:30. Series: Total; Critical & High severity incidents]


Table of Contents

- Top Hosts Involved in Malicious Activity
- Top Malware
- Top Activities and their Top Hosts
- Top Protection Types and their Top Malware
- Malware Activity
- Infected Hosts by Infection Duration
- Top Destination Countries
- Malware News


Top Hosts Involved in Malicious Activity


By Number of Incidents

| Machine Name | Num. of Incidents | Sent Traffic | Received Traffic | Prevented | Detected |
|---|---|---|---|---|---|
| 172.25.104.188 | 2 | 0B | 0B | 2 | 0 |
| 172.25.104.230 | 2 | 0B | 0B | 2 | 0 |
| 172.25.104.64 | 1 | 0B | 0B | 1 | 0 |
| Total (3) | 5 | 0B | 0B | 5 | 0 |

By Sent Traffic (Bytes)

| Machine Name | Sent Traffic | Received Traffic | Num. of Incidents | Prevented | Detected |
|---|---|---|---|---|---|
| 172.25.104.64 | 0B | 0B | 1 | 1 | 0 |
| 172.25.104.188 | 0B | 0B | 2 | 2 | 0 |
| 172.25.104.230 | 0B | 0B | 2 | 2 | 0 |
| Total (3) | 0B | 0B | 5 | 5 | 0 |

Policy can be modified to prevent more or all incident types


Top Malware
By Number of Incidents

| Malware Name | Num. of Incidents | Num. of Hosts | Comment |
|---|---|---|---|
| Operator.JitteryPicture.d | 5 | 3 | Post Infection |

By Sent Traffic (Bytes)

| Malware Name | Sent Traffic | Num. of Incidents | Num. of Hosts | Comment |
|---|---|---|---|---|
| Operator.JitteryPicture.d | 0B | 5 | 3 | Post Infection |


Top Activities and their Top Hosts


Malware Activity: Communication with C&C (100%)

| Machine Name | Num. of Incidents | Sent Traffic | Prevented | Detected |
|---|---|---|---|---|
| 172.25.104.188 | 2 | 0B | 2 | 0 |
| 172.25.104.230 | 2 | 0B | 2 | 0 |
| 172.25.104.64 | 1 | 0B | 1 | 0 |
| Total (3) | 5 | 0B | 5 | 0 |

Policy can be modified to prevent more or all incident types


Top Protection Types and their Top Malware


Protection Type: URL Reputation (100%)

| Protection Type | Malware Name | Num. of Incidents | Num. of Hosts | Sent Traffic | Prevented | Detected |
|---|---|---|---|---|---|---|
| URL Reputation | Operator.JitteryPicture.d | 5 | 3 | 0B | 5 | 0 |

Policy can be modified to prevent more or all incident types


Malware Activity
| Activity Date | Num. of Incidents | Num. of Hosts | Sent Traffic | Received Traffic |
|---|---|---|---|---|
| Jul 20 2012 05:30 | 1 | 1 | 0B | 0B |
| Jul 20 2012 06:30 | 2 | 2 | 0B | 0B |
| Jul 20 2012 09:30 | 2 | 2 | 0B | 0B |

[Chart: Num. of Incidents and Num. of Hosts over time, Fri 05:30 to Fri 09:30]

[Chart: Sent Traffic and Received Traffic over time, Fri 05:30 to Fri 09:30]


Infected Hosts by Infection Duration


| Machine Name | Infected Since | Num. of Incidents | Sent Traffic | Prevented | Detected |
|---|---|---|---|---|---|
| 172.25.104.64 | Jul 20 2012 05:43 | 1 | 0B | 1 | 0 |
| 172.25.104.230 | Jul 20 2012 06:46 | 2 | 0B | 2 | 0 |
| 172.25.104.188 | Jul 20 2012 06:47 | 2 | 0B | 2 | 0 |
| Total (3) | | 5 | 0B | 5 | 0 |


Top Destination Countries


| Destination Country | Num. of Incidents | Num. of Hosts | Sent Traffic | Received Traffic |
|---|---|---|---|---|
| Germany | 5 | 3 | 0B | 0B |


Malware News
Latest Attacks

Anonymous shreds intelligence firm Stratfor
December 25, 2011 - Claimed that 200GB of data was stolen, with parts of it posted online, including the company's extensive client list.

Anonymous Brazil attacks major Brazilian banks
February 7, 2012 - The websites of 10 different banks were hit with a denial of service attack, including Banco do Brasil, HSBC and the Brazilian Central Bank.

AntiSec leaks Symantec pcAnywhere source code after $50k extortion not paid
February 7, 2012 - Hackers associated with Anonymous published online 1.27 GB of Symantec source code.

Did You Know?

Nearly 90% of spam activity is the result of bots
Although it may appear to be harmless, in most cases computers sending out spam are infected with bots which can later be used for other malicious purposes (e.g. data theft).

The TDL-4 indestructible botnet infected over 4.5 million computers in the first 3 months of 2011.
The bot leverages a publicly available peer-to-peer network to communicate with its remote operators, as well as affiliate programs as a key means of distribution. Its damages include data theft (such as bank account details and passwords), anonymous Internet access and massive click fraud.

Security breaches numbers, costs and APTs:

- 6 out of 10 enterprises experienced multiple security breaches in the past 12 months
- 4 out of 10 enterprises responded that the overall cost of breaches to the organization was > $500k
- 60% of IT security professionals consider APT data breaches a key concern

Read more: Ponemon Perception About Network Security Survey (June 2011), Bit9 endpoint security survey Q3/2011

Product Related News

- 3D Security Analysis Report Tool - now supporting the new Anti-Bot and Anti-Virus software blades.

An internet connection is needed for this page to be dynamically updated
