Viruses 'a thing of the past'

Two new quarterly reports from AV vendors McAfee and Kaspersky say mass-mailer viruses are no longer the biggest threat. Guess what is.

No longer are antivirus experts as concerned with attention-grabbing viruses and worms causing mass destruction. Instead, they're hot for the bot.

A quarterly report released today by California-based McAfee Corp. noted says the "steady increase in Trojans and bots continues to grow while mass-mailer viruses taper off." It confirms similar findings reported last week by Russia-based Kaspersky Labs and in March by Cupertino, Calif-based Symantec Corp.

"Botnets are the greatest threat to the Internet as we know it," according to Kaspersky's report. "They stimulate

More on botnets

New threats, dissolving perimeters

Botnets more menacing than ever

the creation of new malicious programs as they require constant refreshment, both in terms of new malware and new zombie machines to extend the network. Detection and prevention of botnets should be a priority for both the IT industry and end users, since the future of the Internet depends on coordinated action now."

Experts say millions of bots have been secretly installed on PCs, creating multitudes of malicious programs awaiting commands from a herdmaster. Vinny Gullotto, vice president of McAfee's Oregon-based Antivirus and Vulnerability Emergency Response Team, said the creation of botnets is motivated by money. "Attacks will become more subversive to steal data or use your machine for adware," he said. "Forget virus attacks -- they're a thing of the past. Bots, rootkits, Trojans and other surreptitious methods will rise. "

All of these infected machines are being actively used by cybercriminals as spamming platforms to make money, Kasperky said in the report. "Botnets can also be used in DoS attacks and to spread new malware -- such threats often lead site owners to pay cybercriminals not to attack their sites. Botnets are also used to mail out more and more new Trojans that harvest and send banking information to the controller."

Alexandr Gostev, Kaspersky's senior virus analyst, said the virus industry is more concerned with botnets than just about any other type of malware. "Any fresh new exploit for Microsoft Windows is used first of all for attacks on vulnerable systems [which are then infected] with bots and not with viruses, adware and worms."

The Kaspersky report said the RPC DCOM and LSASS vulnerabilities are most frequently targeted by bots, but several Windows flaws reported last year could be viable targets in the future:

  • Vulnerability in Cursor and Icon Format Handling;
  • Windows Kernel Vulnerability;
  • Vulnerability in PNG Processing; and
  • Vulnerability in Hyperlink Object Library

Kaspersky researchers estimate the number of bots increases by 50,000 every month, and pegs the total number of zombies at several million.

Mobile viruses, phishing, social engineering, identity theft and exploited vulnerabilities were cited as other major concerns. But the heavy emphasis in all three reports on botnets reflects a subtle yet significant change in malware over the past year.

McAfee recommends both enterprises and consumers install the latest patches, employ current spam filters and implement a multi-layered approach to detecting and blocking attacks.

Dig deeper on Malware, Viruses, Trojans and Spyware

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close