Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

ESET reviews malware landscape of 2007

ESET : 24 January, 2008  (Technical Article)
Global threat report reviews 2007 and examines malware trends throughout the year.
ESET has released its Global Threat Report 2007, which discusses some of the more prominent malware in 2007 including Nuwar, aka Storm Worm and looks at changing malware threats from January to December. The report is formulated from data gathered through ESET's ThreatSense.Net technology, which automatically collects data about malware threats, in particularly newly-discovered, heuristically detected threats.

Storm Worm has been attracting large amounts of attention ever since it hit computer users a year ago. ESET's report looks at the social engineering tactics used over the last twelve months and the duration of usage of each technique. ESET believes that this data shows that the authors are monitoring closely the effectiveness of each ploy, in terms of aiding propagation and infection.

"Storm Worm is a good example of a modern threat that uses advanced technology to infect PCs and maintain its foothold on compromised systems by any means available," comments Andrew Lee, Chief Research Officer of ESET. "It is unique in that its programmers, and the botmasters they work with, are paying a great deal of attention to maintaining their botnet, releasing frequent updates in order to evade detection by anti-malware and intrusion detection systems. In fact, a sign of Storm Worm's sophisticated and diversified structure and self-updating mechanism is that different components may be detected by several different names, even by a single product."

ESET's Global Threat Report notes that PCs were not only the ones targeted during 2007, October saw one of the first attacks (apart from some macro viruses) targeting both PCs running Microsoft's Windows and Apple Macintosh computers running OS X. The malware attack targeting OS X resembled W32/Zlob, but was rudimentary when compared to cutting-edge Windows malware.

The infection vector for this attack was a fake codec that was only effective when the user was tricked into downloading and executing it. There are still those who claim that Mac users are smarter than Windows users and won't be fooled by social engineering. ESET warns though, currently, Mac users with no particular security knowledge may be vulnerable if they believe that their systems are so intrinsically secure out of the box that they don't need to know or to do anything about security.

Despite the emergence in 2007 of more complex threats, readers of the report might be surprised to find that older types of malware, for example mass mailers, are still circulating in vast quantities. From a sample of 4,251.9 million email messages monitored by ESET Virus Radar over the period from 1st January 1st 2007 to 10th December 2007, 33.8 million messages carried malicious content such as a malware attachment or a link to a web site containing malicious code. The most seen email borne threat was malware that closely resembled Win32/Stration.XW.

Win32/Stration (aka Warezov or Strati) has been around since mid-2006. This mass mailing malware is used to send unsolicited e-mails and often arrives as an e-mail attachment, which tries to disguise itself as a normal text file by modifying its own icon. During 2007 ESET saw variants of Stration that also used MSN Messenger or Skype to send out copies of themselves.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo