Malware Evolution: April – June 2005
Senior Virus Analyst, Kaspersky Lab
Kaspersky Lab presents its quarterly report on malware evolution by Alexander Gostev, Senior Virus Analyst. This latest report addresses issues such as changing network attack trends, the evolution of adware, the use of old technologies to create new viruses, the appearance of cyber blackmailers, and political malware.
There have been several serious IT security incidents in the last few months, all of which clearly show that hack attack vectors are changing. Major financial institutions such as Bank of America, Sumitomo Bank, Master Card and Visa have all suffered from the attention of cyber criminals. Another noteably event this quarter was the Hotworld incident, where a Trojan-Spy program was detected in the networks of more than 80 organisations in Israel and Great Britain.
An analysis of these attacks, and some other incidents which received less publicity, leads us to the following conclusions:
1. Cyber criminals are starting to forsake mass attacks conducted using network worms or spamming Trojans.
There are several reasons for this. Firstly, the antivirus industry has almost a decade’s worth experience with worms which cause global epidemics, and have developed effective methods to combat such attacks.
2. Criminals are now attacking specific major targets.
3. Selecting targets and penetration methods
How do such targeted attacks differ from stealing Internet or ICQ passwords, and then selling them on for five dollars?
It’s one thing to infect a million computers around the world, and steal 50 thousand credit card numbers from them. It’s quite another thing to steal a million credit card numbers by infecting only one computer.
Read the whole article from the link above