Kaspersky Malware report--April to June 2005.

Changing trends in network attacks, cyber blackmailers on the increase and adware going 'deep' are some of the highlights in the April-June 2005 Malware report from Kaspersky Lab. The complete report can be found at www.viruslist.com.

Serious IT security incidents in the last few months within major corporations and the detection of a bespoke Trojan-spy in more than 80 organisations in Israel and the UK have revealed a startling change in tactics by malware authors: a shift from global infections to 'cherry picking' prime targets. In the report Alexander Gostev comments, "It's one thing to infect a million computers around the world, and to steal 50 thousand credit card numbers from them. It's quite another thing to steal a million credit card numbers by infecting only one computer." Referring to the recent breach of credit card details, "In order to gain access to the database where credit card numbers were saved, the Trojan would have to have been programmed specifically for the CardSystem Solutions database." The report also notes that the malicious program allegedly responsible has not yet reached anti-virus companies.
In December 2004 Kaspersky Lab received the first samples of a number of files which were encrypted by an unknown encryption program. Now classified as Virus.Win32.Gpcode, this marks the beginning of a new era in cyber crime where individuals are blackmailed to have their encrypted data restored. In just one week in June, Kaspersky Lab counted over twenty-four different encryption methods used by the virus. 'The most depressing thing about this whole affair has been the number of users who have contacted the author of the malicious program, and who may have directly paid him the ransom demanded. By doing so, the users have not only lost money, but have also encouraged the author to create new versions of this encryption program and to conduct further attacks on other users,' says the report. 'The encryption algorithms used to encrypt files are extremely primitive and encrypted files can easily be restored to their original condition by using a good anti-virus which includes the right detections and treatment procedures. All the user needs to do is to send one encrypted file to an anti-virus company for analysis.'
Adware is now evolving rapidly, using virus technology to penetrate systems and mask its presence on infected machines: exploiting browser vulnerabilities, utilising rootkit technology, writing its own code to system files and replacing system applications, changing files on the user's computer, etc. In June, Kaspersky Lab detected a piece of adware that hides its presence in the system by using a rootkit driver. This is a cause for serious concern, because until now, this behaviour had only been present in backdoor programs. The vast majority of anti-virus solutions are unable to detect and delete rootkits from Windows systems, and naturally, the latest dedicated anti-adware/spyware solutions are unable to do this either. Only a multi-functional anti-virus program, which works with the operating system at the very lowest levels and monitors all system functions, is able to detect rootkits in an infected system.

www.kaspersky.com