Finjan Discovers 1.9 Million Corporate and Government Computers Controlled by Cybercriminals

Finjan Discovers a Network of 1.9 Million Malware-Infected Computers Controlled by Cybercriminals - Corporate and Government Computers Are Included

Findings show that the UK and the US top the list with the highest number of infected computers

Farnborough, United Kingdom, 22nd April 2009 – Finjan Inc., a leader in secure web gateway products and the provider of unified web security solutions for the enterprise market, announced that Finjan’s Malicious Code Research Center (MCRC) has discovered a network of 1.9 million malware-infected computers. Corporate, government and consumer computers around the world were infected by the malware.

This discovery is part of a research conducted by MCRC when investigating command and control servers operated by cybercriminals. The cybercrime server has been in use since February 2009, is hosted in the Ukraine and is controlled by a cybergang of 6 people. These cybercriminals established a vast affiliation network across the Web to successfully distribute and operate their malware install-base. They compromised computers in 77 government-owned domains (.gov) from the UK, US and various other countries.

The malware is remotely controlled by the cybercriminals, enabling them to instruct the malware to execute almost any command on the end-user computer as they see fit, such as: reading emails, copying files, recording keystrokes, sending spam, making screenshots, etc.

Since the discovery of its findings, Finjan has provided UK and US law enforcement with information about the server. Finjan has also contacted affected corporate and government agencies to let them know that they were part of the infected computer names.

“As predicted by Finjan at the end of last year, cybercriminals keep on looking for improved methods to distribute their malware and Trojans are winning the race. The sophistication of the malware and the staggering amount of infected computers proves that cybergangs are raising the bar,” said Yuval Ben-Itzhak, CTO of Finjan. ”As big money drives today’s cybercrime activities, organizations and corporations need to protect their valuable data to prevent theft by these kind of sophisticated cyberattacks.”

The research also revealed that the malware is installed on computers when visiting compromised websites serving malicious code. Information found by MCRC on the command and control server includes the IP addresses of the infected computers as well as the computers’ name inside corporate and government networks that are running the malware.

The global spread of infected computers in percentages is as follows:

· US: 45%
· UK: 6%
· Canada: 4%
· Germany: 4%
· France: 3%
· Other: 38%

The malware is infecting computers running the Windows XP operating system and using the following Web browsers:

· Internet Explorer - 78%
· Firefox - 15%
· Opera - 3%
· Safari - 1%
· Other - 3%

As recommended by leading analysts, a unified Web security solution is the preferred solution for corporate and government agencies against today’s cyber attacks. Finjan’s Unified Secure Web Gateway product combines multi-layered Web security, utilizing real-time content inspection technologies, with data leakage prevention (DLP) solutions. Finjan’s product also provides Web 2.0, productivity, liability and bandwidth control via URL categorization, content caching and applications control technologies on one dedicated appliance. This enables companies and governmental agencies alike to enjoy optimal multi-layered protection in real-time, with lower Total Cost of Ownership (TCO) and higher Return on Investment (ROI).

Screenshots and examples taken from the command and control server can be found on Finjan’s MCRC blog post at: www.finjan.com/mcrcblog

Finjan’s team will be available for questions regarding the discovery at Infosecurity Europe conference, Earls Court, London, UK on 28-30 April (Booth H20, Hall EC1). Finjan also invites you to come to the Business Strategy Theatre, when Finjan’s UK Regional Director Mr. Tim Warner will hold the seminar “How Organisations can protect themselves against the current Cybergeddon” on Wednesday April 29, starting at 15:20 hrs.

Finjan’s Malicious Code Research Center (MCRC) specializes in the detection, analysis and research of web threats, including Crimeware, Web 2.0 attacks, Trojans and other forms of malware. Its goal is to be ahead of hackers and cybercriminals, who are attempting to exploit flaws in computer platforms and applications for their profit. In order to protect Finjan’s customers from the next Crimeware wave and emerging malware and attack vectors, MCRC is a driving force behind the development of Finjan's next generation of security technologies used in its unified Secure Web Gateway solutions. For more information please also visit MCRC’s info center and blog.

Finjan is a leading provider of secure web gateway solutions for the enterprise market. Finjan Secure Web Gateway provides organizations with a unified web security solution combining productivity, liability and bandwidth control via URL categorization, content caching and applications control technologies. Crimeware, malware and data leakage are proactively prevented via patented active real-time content inspection technologies and optional anti-virus modules. Powerful central management enables intuitive task-based policy management, excellent drill-down reporting capabilities and easy directory integration for all network implementation options. By integrating several security engines in a single dedicated appliance, Finjan’s comprehensive and integrated web security solution enables quick deployment, simplified management and reduction of costs. Business benefits include real-time web security (no patches or updates needed), lower total cost of ownership (TCO), cost savings in administration efforts, lower maintenance costs, and reduction in loss of productivity. Finjan's security solutions have received industry awards and recognition from leading analyst houses and publications, including Gartner, IDC, Butler Group, SC Magazine, eWEEK, CRN, ITPro, PCPro, ITWeek, Network Computing, and Information Security. With Finjan’s award-winning and widely used solutions, businesses can focus on implementing web strategies to realize their full organizational and commercial potential. For more information about Finjan, please visit: www.finjan.com.

Neil Stinchcombe
Eskenzi PR
<>