Targeted Trojan attacks on the rise, report finds

Computer hackers are increasingly tailoring Trojan horse programs for certain businesses in hopes of filching intellectual property, a security report said.
  • (IDG News Service)
  • — 07 July, 2006 08:16

Computer hackers are increasingly tailoring attacks using Trojan horse programs for certain businesses in hopes of filching intellectual property, a new security report released Thursday said.

MessageLabs said its latest research data shows these kinds of attacks have risen six-fold over the same period in 2005. While the increase is dramatic, the number of attempts remains low: The targeted attacks are occurring about once a day rather than one or two per week in 2005, the company said.

An attack e-mail may be sent to people in four or five companies in similar kinds of businesses, said Paul Wood, senior analyst for MessageLabs. The company counts the attempt as one attack.

MessageLabs products filter e-mail and Internet traffic before it reaches its users, and the company studies the traffic for trends. It provides services to around 14,000 business customers worldwide, and its attack statistics are drawn from that data pool.

Wood said the methods of attack are changing since computer security has improved overall. "It's very much more difficult for the cybercriminals to get through organizations' defenses in the same way that they would have done four or five years ago," he said.

The lower the profile of the attack, the greater the chances are for success, as sending out tens of thousands of e-mail messages with bad programs or links is quickly noticed.

The latest method is to send only a few messages, often to specific people in a company, rather than using programs that harvest large numbers of unrelated e-mail addresses from the Internet, Wood said.

Hackers are combining threats through sophisticated programming. Once one malicious program infects a computer, it is often able to download other programs capable of rummaging through files and sending them back to a host, or using the machine to send spam or download adware, Wood said.

To avoid antivirus programs that bluntly filter any e-mail containing an executable attachment, hackers are instead sending links through e-mail or instant messages.

The link can lead to a Web site hosting a malicious program, some of which can automatically start running if a user doesn't have the proper security updates for their browser, Wood said.

Other attacks target vulnerabilities in applications, such as Microsoft's Word or Excel programs. Hackers can find a vulnerability in those programs, constructing a special Word or Excel file that cause other malicious code to run on a computer when opened, Wood said.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?