Printer Friendly

"Malware evolution: January - March 2005".

Kaspersky Lab has published its analysis of malware trends for the first quarter of 2005. In the report Alexander Gostev, Senior Virus Analyst of Kaspersky Lab, describes current cyber threats, details which are currently the most serious and explains how they are likely to evolve over the next few months, Statistics and research produced by Kaspersky Lab virus analysts offer some unexpected results which cast new light on current trends in the malware world.

Why haven't there been any major outbreaks caused by email worms in over a year? Where have IM-worms targeting ICQ, AOL and MSN Messenger come from? What is the background behind the recent flare-up of phishing attacks? How has Microsoft Service Pack 2 for Windows YP changed the face of IT security. How is the development of adware and spyware affecting the cyber-threat landscape? In the report Alexander Gestev explains how the events of the first quarter of 2005 show that classic email worms are on the decline, with network and instant messaging worms exploiting relatively lax security to take their place. He proposes that the decline in successful email worms (i.e. ones which caused significant outbreaks) may be due to the fact that the anti-virus industry has developed new methods to block such worms. However, Alexander Gostev warns that "network worms which exploit Windows vulnerabilities are starting to represent more and more of a threat. Scanning network traffic as well as email traffic is therefore essential."

IM-worms are still in their infancy, probably because they are still in the domain of script-kiddies. This, together with improved Windows security, has led to a relatively quiet three months.

However, phishing attacks are now moving to the fore; the convergence of adware and malicious code, the increase in botnets, and malicious programs for mobile devices seem to indicate that the first quarter of this year may simply be the calm before the storm.

Alexander Gostev explains further his thoughts on adware, 'The boundary between harmless adware and malicious programs has effectively disappeared. Every day the Kaspersky Virus Lab detects more and more programs that seem to be adware, but which bear all of the hallmarks of Trojans. Virus. Win32.Bube, serves as a vivid example of how the boundary between adware and other malware no longer really exists."

"Adware, viruses and Trojans now exhibit many of the same characteristics, meaning that products designed only to protect against adware should be treated with a healthy degree of skepticism. With adware becoming increasingly inseparable from classic malware, dedicated anti-adware solutions will simply cease to provide adequate protection."

Finally, Alexander Gostev reports on the increasing interest from malware writers in online games and explains how Kaspersky Lab has set up a unique relationship with the publishers of the Russian game, "Boitsovsky Klub' (Fight Club). "In this game, a single object can be sold on for up to a thousand dollars and the threat to users posed by malicious programs that steal username and passwords is extremely serious. The malicious, unauthorized user has access to someone else's character, and all the objects that this character has accumulated. They will then either sell an 'object' to another gamer for money or just keep the user name and password to play the game themselves."

Game administrators now forward any viruses, scripts and Trojans attacking the game portals, and Kaspersky Lab ensures that updates protecting against such threats are released almost immediately. This joint project is unique in the world of online gaming.

Alexander Gostev concludes, "With the potential profits to be made in this area, it is more than likely that malicious code designed to steal such information will continue to evolve rapidly."
COPYRIGHT 2005 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2005, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:Security
Publication:Software World
Geographic Code:1USA
Date:May 1, 2005
Previous Article:Call for framework to report viruses.
Next Article:Sober-N worm in over 40 countries, shows no sign of disappearing.

Related Articles
Threat Management Report.
Top ten viruses reported to Sophos in February.
Sophos Security report reveals Trojan domination in first half of 2006.
Sophos security threat management report: update July 2006.
Kaspersky Lab presents malware evolution: April-June 2006.
2006 annual threat round-up and 2007 forecast: a special report by Trend Micro- December 2006 David Sancho, threat specialist Jamz Yaneza, senior...
ScanSafe reports spyware skyrockets.
Security and products; top 10 threats for February.
All businesses are suffering disruptions due to malware.
Internet criminals change tactics.

Terms of use | Privacy policy | Copyright © 2019 Farlex, Inc. | Feedback | For webmasters