Viruses 'a thing of the past' |
 |
By Shawna McAlearney, News Editor
25 Apr 2005 | SearchSecurity.com |
|
|
No longer are antivirus experts as concerned with attention-grabbing viruses and worms causing mass destruction. Instead, they're hot for the bot.
A quarterly report released today by California-based McAfee Corp. noted says the "steady increase in Trojans and bots continues to grow while mass-mailer viruses taper off." It confirms similar findings reported last week by Russia-based Kaspersky Labs and in March by Cupertino, Calif-based Symantec Corp.
"Botnets are the greatest threat to the Internet as we know it," according to Kaspersky's report. "They stimulate
the creation of new malicious programs as they require constant refreshment, both in terms of new malware and new zombie machines to extend the network. Detection and prevention of botnets should be a priority for both the IT industry and end users, since the future of the Internet depends on coordinated action now."
Experts say millions of bots have been secretly installed on PCs, creating multitudes of malicious programs awaiting commands from a herdmaster. Vinny Gullotto, vice president of McAfee's Oregon-based Antivirus and Vulnerability Emergency Response Team, said the creation of botnets is motivated by money. "Attacks will become more subversive to steal data or use your machine for adware," he said. "Forget virus attacks -- they're a thing of the past. Bots, rootkits, Trojans and other surreptitious methods will rise. "
All of these infected machines are being actively used by cybercriminals as spamming platforms to make money, Kasperky said in the report. "Botnets can also be used in DoS attacks and to spread new malware -- such threats often lead site owners to pay cybercriminals not to attack their sites. Botnets are also used to mail out more and more new Trojans that harvest and send banking information to the controller."
Alexandr Gostev, Kaspersky's senior virus analyst, said the virus industry is more concerned with botnets than just about any other type of malware. "Any fresh new exploit for Microsoft Windows is used first of all for attacks on vulnerable systems [which are then infected] with bots and not with viruses, adware and worms."
The Kaspersky report said the RPC DCOM and LSASS vulnerabilities are most frequently targeted by bots, but several Windows flaws reported last year could be viable targets in the future:
- Vulnerability in Cursor and Icon Format Handling;
- Windows Kernel Vulnerability;
- Vulnerability in PNG Processing; and
- Vulnerability in Hyperlink Object Library
Kaspersky researchers estimate the number of bots increases by 50,000 every month, and pegs the total number of zombies at several million.
Mobile viruses, phishing, social engineering, identity theft and exploited vulnerabilities were cited as other major concerns. But the heavy emphasis in all three reports on botnets reflects a subtle yet significant change in malware over the past year.
McAfee recommends both enterprises and consumers install the latest patches, employ current spam filters and implement a multi-layered approach to detecting and blocking attacks.
 |
 |
| |
RELATED CONTENT
 |
Malware, Viruses, Trojans and Spyware |
|
Schneier-Ranum Face-Off: Is antivirus dead?
|
|
Modern malware, stealthy botnets, adapt quickly, expert says
|
|
Computer worm infections up, scareware antivirus down, Microsoft says
|
|
Web-based attacks skyrocket, pirating sites surge, security firms say
|
|
Mini guide: How to remove and prevent Trojans, malware and spyware
|
|
Kaspersky system analyzes malicious URLs on Twitter for malware
|
|
Silon malware intercepts Internet Explorer sessions, steals credentials
|
|
Breach forces payroll service provider PayChoice to shut down again
|
|
RSA research underscores problem tracking cybercriminals
|
|
Conficker analysis finds P2P coding limited, less sophisticated
|
|
|
|
|
|
