FortiGuard Center

FortiGuard Advisory (FGA-2007-09)



Thailand in the Eye of the Storm
2007.July.18

Tibs (aka Storm) is now making a very loud noise as it infiltrates the Internet via faux greeting card emails. Although the malware is being found throughout the world, its creators seem to be focusing on an infestation in one specific area more than others -- Thailand.

For the past few weeks, the Storm (Tibs) level in Thailand has risen far above that of any other country. Thailand, with only 31.5 million in population (compared to the 300 million in the United States), has been inundated with this threat. Assuming that both countries have the same rate of Internet users, the ratio in population is almost 1:10. Yet the Tibs detection ratio is 10:1 in favor of Thailand.

Storm Thailand

This strain of Tibs has evolved from a magnitude of a million. See "(virus) Writers in the Storm" in the January 2007 malware roundup. It appears that the malware author finds it more effective if Tibs flies below the radar. One possible reason for the higher detection in Thailand is that infected machines host the Tibs malware that is linked to the next wave of spammed emails.


