November 27th, 2008

more

December 03rd, 2008

more

more

more

more

more

more

more

more

more

more

more

more

more

more

more

December 28th, 2006

The evolution of malware continues

Ever long for the good old days when all viruses did was stomp on the FAT table of your hard drive? Recently, McAfee's Avert Labs encountered a new type of password stealer that uses Voice over Internet Protocol (VoIP) telephony provider Skype's network to propagate. There is no vulnerability in the Skype service itself, the Trojan just uses the Skype network to move about, according to David Marcus, security research and communications manager at McAfee's Avert Labs.

The Trojan, called PWS-JO by McAfee, Downloader by Symantec and Win32/Scypex.A by Microsoft, is considered low risk, as there are very few instances of it being found and all of the major antivirus programs will detect it. What it reflects, Marcus said, is that virus distribution has moved beyond just e-mail and Web links to a new network, in this case, VoIP.

Password stealing Trojan viruses grew by 240 percent this year, making them the largest genre of malware along with Botnets, according to an Avert Labs blog posting.

Marcus said Avert gets between 8,000 and 9,000 submissions per day, and around 100 to 150 are totally new viruses, most often Botnets and password stealing Trojans. The methods for infection remain largely the same.

‘Some use spamming, a lot of the times it's by social engineering sites that use browser vulnerabilities,’ he said. ‘Attachments still work wonders. I guarantee you you'll get two percent success, and that's all they are looking for, the low hanging fruit. That's still amazingly successful after all these years.’

Avert found around two-thirds of all password stealers are aimed at banks and financial institutions. Marcus said those groups have been very good at protecting their systems, but the problem is password stealers re-route the computer from a valid site to a fake one.

But the next-largest target for password stealers may surprise some: massively-multiplayer online games (MMOs), like Blizzard's World of Warcraft and Sony Online Entertainment's EverQuest.

They don't want the characters, they want either the credit card and billing information for the account, or better yet, the in-game loots from the virtual economies of these games.

Virtually every online game has people who don't play for fun but to amass in-game money and items, which they sell for real world dollars to players who don't have the time or effort to make their own. ‘The economy of MMOs is huge,’ said Marcus.

In 2007, Avert sees malware using peer-to-peer networks and instant messenger networks, since they assume a constant connection between clients. Marcus also said that there's a rise in media malware, audio and video files, because people often don't scan them.

But, he added, don't worry. ‘We don't think it's doomsday. We are confident in our ability to deal with it. So even though we've seen a rise in these areas, we don't think people should go home and shut off their computers,’ he said.

---

DONATION: Keylogger.org is an independent research project supported by a team of enthusiasts. If you find this project useful or would like to help foster its continued development please consider making a donation using PayPal`s online secure payment service.

A PayPal account is not required. All major credit cards are accepted (MasterCard/Eurocard, Visa/Delta/Electron, American Express, Switch/Maestro, Solo). Simply click the button below.

Any amount would be useful and appreciated!

Thanks in advance for your support!