Fighting malware and spam

Symantec, Kaspersky issue threat reports

Trojans, vulnerabilities, spam and crime loom large.

Symantec and Kaspersky have both released overviews of security dangers faced in the first half of 2006 this week, and both present a fairly gloomy picture.

The Kaspersky study showed a steady rise in new trojans, and new variants of existing ones, particularly backdoors, downloaders and data-stealing spyware, while self-replicating malware declined slightly. Also big between January and July, the nasties known as 'ransomware' or 'extortionware', encrypting data and demanding fees for the password, and also cyber-blackmail. 40% of web probes and attacks came from the US, while spam rose from a low of 44% in early January to a high of 86% in late February, and became steadily more criminalised - a trend which is expected to continue.

Also facing us in the future, the Russian firm predicts more spyware, and continued use of browser holes to initiate silent drive-by downloads onto the computers of unsuspecting users. Mobile phone hacking and malware are also expected to rise, as phones get more sophisticated and more widely used.

Browser holes were also highlighted in Symantec's report, with stats including 69% of vulnerabilites affecting web apps, 47% of all browser-based attacks targeting Microsoft Internet Explorer, which had a mere 38 vulnerabilities compared to Mozilla Firefox's 47, but left them unpatched for an average nine days compared to Firefox's one day. Microsoft's record on patch speed was good though, the fastest among OS vendors, along with RedHat, at 13 days to develop fixes, leaving Apple (37 days), HP (53 days) and Sun (89 days) in their dust.

Also logged by Symantec, an average 6,110 DoS attacks per day, mostly targeting ISPs in the US, with 20% of the zombies sitting in China and 42% of the herders based in the US. Phishing was up by 81%, with spam making up 54% of all email sent, 58% originating from the US. Phishing mainly focused on financial services, while spam's favourite subjects were health-related. Almost 7,000 new viruses and worms were identified, but five of the top ten new malware families were trojans.

Coming up in the future, more polymorphism in viruses, attacks on new web technologies such as AJAX, potential Windows Vista vulnerabilities, and indeed more vulnerabilities in general.

The Kaspersky report can be read in full here. Symantec's study can be found here, with a summary press release here.

26 September 2006

Tags: virus