"Malware evolution: January - March 2005".Kaspersky Lab Kaspersky Lab is a computer security company, co-founded by Natalia Kaspersky and Eugene Kaspersky in 1997, offering antivirus, anti-spyware, anti-spam, and anti-intrusion products. has published its analysis of malware (MALicious softWARE) Software designed to destroy, aggravate and otherwise make life unhappy. See crimeware, virus, worm, logic bomb, macro virus and Trojan. trends for the first quarter of 2005. In the report Alexander Gostev, Senior Virus Analyst of Kaspersky Lab, describes current cyber (1) From "cybernetics," it is a prefix attached to everyday words to add a computer, electronic or online connotation. The term is similar to "virtual," but the latter is used more frequently. See virtual. threats, details which are currently the most serious and explains how they are likely to evolve over the next few months, Statistics and research produced by Kaspersky Lab virus analysts offer some unexpected results which cast new light on current trends in the malware world. Why haven't there been any major outbreaks caused by email worms in over a year? Where have IM-worms targeting ICQ ("I Seek You") A conferencing program for the Internet from Mirabilis, Tel Aviv, Israel (www.icq.com). It provides interactive chat, e-mail and file transfer and can alert you when someone on your predefined list has also come online. , AOL (A division of Time Warner, Inc., New York, NY, www.aol.com) The world's largest online information service with access to the Internet, e-mail, chat rooms and a variety of databases and services. and MSN Messenger Microsoft's instant messaging (IM) service, which provides text messaging and voice calling. Part of the MSN Network, MSN Messenger clients are available for non-XP versions of Windows, Mac, Pocket PC and MSN TV. For Windows XP, the IM client is Windows Messenger. come from? What is the background behind the recent flare-up of phishing Pronounced "fishing," it is a scam to steal valuable information such as credit card and social security numbers, user IDs and passwords. Also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their ISP, bank or retail establishment. attacks? How has Microsoft Service Pack 2 for Windows YP changed the face of IT security. How is the development of adware and spyware affecting the cyber-threat landscape? In the report Alexander Gestev explains how the events of the first quarter of 2005 show that classic email worms are on the decline, with network and instant messaging Exchanging text messages in real time between two or more people logged into a particular instant messaging (IM) service. Instant messaging is more interactive than e-mail because messages are sent immediately, whereas e-mail messages can be queued up in a mail server for seconds or worms exploiting relatively lax security to take their place. He proposes that the decline in successful email worms (i.e. ones which caused significant outbreaks) may be due to the fact that the anti-virus industry has developed new methods to block such worms. However, Alexander Gostev warns that "network worms which exploit Windows vulnerabilities are starting to represent more and more of a threat. Scanning network traffic as well as email traffic is therefore essential." IM-worms are still in their infancy, probably because they are still in the domain of script-kiddies. This, together with improved Windows security, has led to a relatively quiet three months. However, phishing attacks are now moving to the fore; the convergence of adware and malicious code, the increase in botnets, and malicious programs for mobile devices seem to indicate that the first quarter of this year may simply be the calm before the storm. Alexander Gostev explains further his thoughts on adware, 'The boundary between harmless adware and malicious programs has effectively disappeared. Every day the Kaspersky Virus Lab detects more and more programs that seem to be adware, but which bear all of the hallmarks of Trojans. Virus. Win32.Bube, serves as a vivid example of how the boundary between adware and other malware no longer really exists." "Adware, viruses and Trojans now exhibit many of the same characteristics, meaning that products designed only to protect against adware should be treated with a healthy degree of skepticism. With adware becoming increasingly inseparable from classic malware, dedicated anti-adware solutions will simply cease to provide adequate protection." Finally, Alexander Gostev reports on the increasing interest from malware writers in online games and explains how Kaspersky Lab has set up a unique relationship with the publishers of the Russian game, "Boitsovsky Klub' (Fight Club). "In this game, a single object can be sold on for up to a thousand dollars and the threat to users posed by malicious programs that steal username The name you use to identify yourself when logging into a computer system or online service. Both a username (user ID) and a password are required. In an Internet e-mail address, the username is the left part before the @ sign. For example, KARENB is the username in karenb@mycompany. and passwords is extremely serious. The malicious, unauthorized user has access to someone else's character, and all the objects that this character has accumulated. They will then either sell an 'object' to another gamer for money or just keep the user name and password to play the game themselves." Game administrators now forward any viruses, scripts and Trojans attacking the game portals Game portals are distribution channels for games. People can play or download games from a portal and/or buy it through a gameportal. One reason for using gameportals is publicity: the top listings of games in gameportals receive millions of downloads and/or gamers that want to , and Kaspersky Lab ensures that updates protecting against such threats are released almost immediately. This joint project is unique in the world of online gaming See gaming. . Alexander Gostev concludes, "With the potential profits to be made in this area, it is more than likely that malicious code designed to steal such information will continue to evolve rapidly." www.kaspersky.com |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion