Crimeware Double Threat Menaces Internet

Crimeware Variants & Crimeware-Distributing URLs Increase in January

LOS ALTOS, Calif. & CAMBRIDGE, Mass.--( APWG announced today that its January survey shows a new record high in the number of unique keylogger crimeware variants detected - while the number crimeware-spreading URLs rose to nearly its old record attained in November of last year.

The number of unique keylogger variants detected in January reached a new high of 364, an increase of 1.4% from the previous high in October, 2007. The number of websites that were found to be hosting keylogging crimeware systems rose by over 1,100 from December, reaching 3,362, the second highest number recorded in the preceding 12 months.

Websense Security Labs believes much of the increase in crimeware-spreading URLs is due to attackers' increasing ability to co-opt sites. Dan Hubbard, Websense Vice President of Security Research said, "The attackers appear to be getting better at infecting good sites through automation and tools."

Highlights from the APWG January Phishing Trends Report:

The total number of unique phishing reports submitted to APWG in January 2008 was 29,284, an increase of over 3,600 reports from the previous month.

The number of brands targeted by phishers in January reported decreased by more than 10 brands to 131.

The number of unique phishing websites detected by APWG was 20,305 in January 2008, a decrease of over 5,000 from the month of December 2007.

In January, the United States moved back to being the top hosting country for password-stealing malicious code with 43.39%, after being eclipsed by China in December.

In January, APWG saw the United States remain the top of country hosting phishing websites with 37.25% of all such websites.

The full text of the January Phishing Activity Trends report is available at this URL:

The APWG is an industry, law enforcement and government coalition focused on eliminating the identity theft and fraud that result from the growing problem of phishing, email spoofing, and crimeware. Membership is open to qualified financial institutions, online retailers, ISPs, the law enforcement community and solutions providers. There are more than 1,800 companies and government agencies participating in the APWG and more than 3,000 members. The APWG's Web site ( offers the public and industry information about phishing and email fraud, including identification and promotion of pragmatic technical solutions that provide immediate protection. APWG's corporate sponsors include: 8e6 Technologies, AT&T, Able NV, ActivCard, Adobe, Afilias Inc., AhnLab, Anakam, BBN Technologies, BlueStreak, BrandMail, BrandProtect, Bsecure Technologies, Cisco, Clear Search, Cloudmark, Comodo, Corillian, Cydelity, Cyveillance, DigiCert, DigitalEnvoy, DigitalResolve, Digital River, Earthlink, eBay/PayPal, Entrust, Experian, eEye Fortinet, FrontPorch, F-Secure, Grisoft, GeoTrust, GlobalSign, GoDaddy, Goodmail Systems, GuardID Systems, IronPort, HitachiJoHo, ING Bank, Iconix, InternetIndentity, Internet Security Systems, IOvation, IS3, IT Matrix, Kaspersky Labs, Lenos Software, LightSpeed Systems, MailFrontier, MailShell, MarkMonitor, McAfee, MasterCard, MessageLevel, Microsoft, Mirapoint, MySpace, MyPW, MX Logic, NameProtect, National Australia Bank Netcraft, NetStar, Panda Software, Phoenix Technologies Inc., Quova, RSA SalesForce, Security, SAIC, SecureBrain, Secure Computing, S21sec, Sigaba, SoftForum, SOPHOS, SquareTrade, SurfControl, Symantec (SYMC), TDS Telecom, Telefonica, Trend Micro, Tricerion, TriCipher, Tumbleweed Communications, SurfControl, Vasco, VeriSign, Visa, Websense Inc., WholeSecurity, and Yahoo!

Cas Purdy, +1 858-320-9493
Peter Cassidy, +1 617-669-1123