INF/Autorun, according to the statistical information from ThreatSense.Net, yet again wins the spot of the top most ranked global threat in May 2011 with 6.58 percent of occurrence. The second most wide-spread malware globally turned to be, for several months now, Win32/Conficker with a 3.61 percent share, followed by yet another old-timer Win32/PSW.OnlineGames with 1.92%.Last month in cyberspace, Sony PlayStation Network/Qriocity Service breach continued to hit the news with most of the users changing their passwords. Sony has not reported whether credit card details were breached, which has resulted in many people cancelling credit cards used in conjunction with their Sony accounts. “However, the insidious threat that many people may miss is the compromise of the answers to password reset questions. That was some of the data that was reportedly compromised in the breach, and has perpetual consequences if you do not change your security reset answers on other sites as well,” says Randy Abrams, Director of Technical Education at ESET.The way the password reset attack works is that a hacker tries to log into users account. It may be an email account, a social networking account, a blogging account, or another type of online account. The hacker clicks the link for “I forgot my password” and is challenged with security questions. Having obtained the answers from the Sony data breach, the hacker knows the answers to the reset questions “He is then able to commandeer your accounts, depending on the mechanism that particular sites use in conjunction with the security challenge questions,” says Abrams.Global Threats According to ESET ThreatSense.Net® (May 2011)
- INT
- About ESET
- Newsroom
- Press Releases
- Threats in May: Playstation Breach – Password Reset Attack Looming; INF/Autorun – Top-ranking Global and European Malware