
Malicious software evolves as security industry tries to keep pace

IronPort Systems : 21 May, 2008  (Technical Article)
A report from IronPort Systems suggests that malicious software is evolving continuously as hackers and spammers look for alternative ways of distributing spam and installing malware.
IronPort Systems has released advance findings from its second quarterly Spam, Viruses and Malware report, to be published next month. The report highlights that, as security vendors become more adept at spotting and stopping botnet attacks, spammers are turning to ever more devious ways to install malware and distribute spam and viruses. It also shows that malware installations have increased by 10% since the previous report in December of last year.

The report identifies three techniques that are increasingly being used to infect host PCs and to bypass the more effective security software that is becoming available.

The return of webmail spam: Webmail providers long ago outwitted bots that sought to automatically set up thousands of bogus accounts to distribute spam by using a CAPTCHA process. This CAPTCHA process, whereby a graphic of numbers and letters needs to be read and entered, relies on human intervention to interpret the graphic. However, more sophisticated bots are appearing that can correctly recognize the symbols, thus opening the door to a new wave of webmail-based spam attacks. The report shows that these accounted for more than 5% of all spam in Q1 2008, compared to less than 1% in the previous quarter.

Exploiting Google: Malware sites have to contend with comprehensive databases that record every malicious URL as it appears and feed the information to security vendors, which then block access. Next-generation malware now gets around this by using Google's 'I'm feeling lucky' search option to channel traffic to infected sites. When a user enters a search string and hits the button, Google redirects the browser and, in doing so, can bring users to websites that have otherwise been flagged as malicious. The report also estimates that 1.3% of all Google searches return malware sites as valid results. Given the huge volume of searches carried out every minute, this translates into a potentially huge opportunity for malware distributors.

Out of Office: Most people switch on their Out of Office (OOO) notification system when on holiday or away on business. However, if this email address is spammed in the user's absence, the automatic OOO response not only validates the address as genuine but also allows spammers to hijack the corporate mail server and send spam that appears to be coming from a legitimate source. This style of attack had not been seen before and illustrates the sophistication spammers show in circumventing anti-spam filters.
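One way a mail administrator can limit the Out of Office exposure described above is to gate every automatic reply behind the checks recommended in RFC 3834 (Recommendations for Automatic Responses to Electronic Mail). The sketch below is an added example, not code from IronPort or its report; the function name, the list of automated local parts, the sample messages and the `sender_authenticated` flag (assumed to come from the gateway's SPF/DKIM verdict) are all assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses

# Local parts that usually belong to automated senders (assumed site policy list).
AUTOMATED_LOCALPARTS = {"mailer-daemon", "postmaster", "noreply", "no-reply", "bounce"}

def should_auto_reply(raw_message, envelope_from, own_address,
                      sender_authenticated, already_notified):
    """Decide whether an Out of Office reply may be sent; returns (bool, reason)."""
    msg = message_from_string(raw_message)
    sender = envelope_from.strip().strip("<>").lower()
    if not sender:
        return False, "null return path (bounce or notification)"
    if sender.split("@")[0] in AUTOMATED_LOCALPARTS:
        return False, "automated sender address"
    if not sender_authenticated:
        # A forged sender would make the reply land on an uninvolved third party.
        return False, "sender failed authentication"
    auto = (msg.get("Auto-Submitted") or "no").split(";")[0].strip().lower()
    if auto != "no":
        return False, "message is itself automatic"
    if (msg.get("Precedence") or "").strip().lower() in {"bulk", "junk", "list"}:
        return False, "bulk or list precedence"
    if any(name.lower().startswith("list-") for name in msg.keys()):
        return False, "mailing list traffic"
    addressed = {addr.lower() for _, addr in
                 getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))}
    if own_address.lower() not in addressed:
        return False, "recipient not named in To or Cc"
    if sender in already_notified:
        return False, "sender already notified during this absence"
    return True, "ok"

# Constructed sample messages (not taken from the report).
PERSONAL = ("From: Ana <ana@partner.example>\nTo: bob@corp.example\n"
            "Subject: Contract draft\n\nCan you review this?\n")
BULK = ("From: Deals <promo@bulk.example>\nTo: undisclosed-recipients:;\n"
        "Precedence: bulk\nSubject: Offer\n\nBuy now\n")

def demo():
    me = "bob@corp.example"
    return [
        should_auto_reply(PERSONAL, "ana@partner.example", me, True, set())[0],
        should_auto_reply(PERSONAL, "ana@partner.example", me, False, set())[0],
        should_auto_reply(BULK, "promo@bulk.example", me, True, set())[0],
        should_auto_reply(PERSONAL, "<>", me, True, set())[0],
        should_auto_reply(PERSONAL, "ana@partner.example", me, True, {"ana@partner.example"})[0],
    ]
```

Only the first sample case, a personally addressed message from an authenticated sender who has not yet been notified, is allowed to trigger a reply.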

'Purveyors of malware are always trying to keep one step ahead of the security companies - it's like a game of cat and mouse,' explains Jason Steer, EMEA Product Manager, IronPort Systems. 'Every time security vendors plug one loophole, the spammers and virus writers have already moved on to a fresh crack in the system. Our report aims to help IT professionals, consumers and security vendors to spot these trends and take adequate measures to prevent them. Malware remains an enormous threat to corporate and personal security as well as providing a hugely lucrative revenue stream for criminal fraternities; it is incumbent upon us all to try our utmost to eradicate it.'