Financially motivated malware thrives

Expect more spam, botnets in final months of 2007

Financially motivated malware attacks are on the rise, with automated software packages making it easy for unskilled hackers to earn a living by sending out spam, researchers at messaging security vendor Secure Computing say.

A malware kit called MPack, released by Russian hackers last December, allows pretty much anyone with US$200 to become a master spammer because it is easy to use and exploits vulnerabilities in FireFox, Internet Explorer and Apple's QuickTime, says Dmitri Alperovitch, principal research scientist for Secure Computing.

The trend that "kind of defines 2007" is the convergence of traditional e-mail with Web-based attacks, in which message recipients are prompted to click on links to malicious Web sites, rather than to download attachments, Alperovitch says.

"Certainly, exploiting Web browser vulnerabilities has been common. We've seen that for a long time," he says. "Now we're seeing that capability being merged with traditional e-mail worms that sort of blanket the Internet."

Information-stealing malware now accounts for 10 percent of all threats, up from 8 percent in January, new research from Secure Computing has found. Trojans comprise 63 percent of all newly discovered malware, up from 58 percent in January.

Spyware and phishing are also becoming more problematic as attackers use more targeted attacks to steal personal and financial information. "The barriers to entry into cyber crime have been lowered so much," Alperovitch says. "People are realizing that they can make very serious money with almost no accountability, almost complete anonymity."

Quoting the analyst firm Gartner, Secure Computing's researchers say that 75 percent of enterprises will be infected by "undetectable professional-grade malware" by year-end.

About 90 percent of all e-mail is malicious, but that figure will rise as the holiday season gets closer, according to Alperovitch.

"There's a good chance we'll reach 95 percent, maybe higher, of all e-mails being malicious by the end of the year," he says.

As the storm worm showed, the automation of online attacks is allowing the creation of more botnets, he says. E-mail delivery mechanisms are also being optimized to bypass spam filters. Unfortunately, many Web surfers are far too trusting.

"If you're walking down the street and someone asks you for your Social Security number or your bank account pin, you're not going to give it to them," Alperovitch says. "Yet on the Internet, people freely give them out to anyone who sends them an e-mail message."

Here are some key security trends and events identified by Secure Computing in the first eight months of 2007:

  • The storm worm, named after subject lines like "230 dead as storm batters Europe," and similar worms became widespread in January and the following months, with new variants being created every 15 minutes.
  • A password-stealing Trojan hit visitors to the Miami Dolphins' stadium Web site during the Super Bowl, when attackers took advantage of a vulnerability in Internet Explorer's rendering of vector markup language documents.
  • A mass-email with pictures of Britney Spears and Paris Hilton in April lured people to a Web site that hosted a zero-day exploit related to Windows' handling of animated cursor files. Microsoft released a patch to fix the vulnerability.
  • More than 10,000 European Web sites hosted malware attacks in June after being compromised. "Hidden IFRAME's" were injected into the Web sites, referring visitors to malicious sites using MPack to deliver banking Trojans.
  • So-called backdoor Trojans affect home users around the world, including nearly 100,000 PCs now infected by a new wave of storm malware. "The mailings that came with subject lines such as 'You've received a postcard from a family member!' directed users to Web-hosted exploits for several different vulnerabilities; they infect users' computers and attach them to the Storm family's P2P botnet," Secure Computing writes.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jon Brodkin

Network World
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?