Malware Fiesta Attracts and Infects Thousands

An automated malware infection tool called Fiesta is highly successful when it comes to infiltrating systems that use Internet Explorer.

According to information published by Prevx, Fiesta 2.4 is available in underground circles for about $850. When unleashed the tool can try as many as 25 different exploits against a browser that happens to land on a site running the tool.

Prevx found such a site, penetrated the backend interface, and monitored Fiesta activity. Based on data gather over a short period of time (less than a few days), approximately 26,076 systems were attacked. Of those systems, 3137 became infected with some form of malware.

The interesting aspect of the stats is that of those 3137 systems the vast majority were using Internet Explorer 6 or 7, with the majority using IE 6. Users that were running Opera also suffered malware infection but the total number is minuscule in comparison to IE.

If I read the stats right not a single infection occurred on systems using Firefox. The could be for a variety of reasons including the idea that perhaps the majority of the attack types are specially crafted for other browsers. I could be wrong though.

Regardless, the stats clearly point out that attackers favor Internet Explorer as a target of choice - and we've known that for well over a decade already. Not much has changed in that regard, which isn't surprising.

Head over to Prevx and check out the stats to get the detailed breakdown.