Malicious Code For Profit


Malicious code for profit tops the list of vulnerability threats in
Symantec’s latest report on Internet security. In the first six months of
this year alone, attempts to expose confidential data represented 74 percent
of the top 50 malicious code samples reported to the security firm.


The trend is likely to continue with Symantec reporting a dramatic increase
in bot networks and custom bot code available for purchase or rent.


“Attackers are moving away from large, multipurpose attacks on network
perimeters and toward smaller, more targeted attacks directed at Web and
client-side applications,” Arthur Wong, vice president of Symantec Security
Response and Managed Security Services, said in a statement.


Symantec observed an average of 10,352 active bot
network computers per day, an increase of more than 140 percent from the
previous reporting period’s 4,348 bot computers.


As the financial rewards for hackers increase, Symantec predicts attackers
will likely develop more sophisticated and stealthier malicious code that
will be implemented in bot features and bot networks. Some of the codes may
attempt to disable anti-virus software, firewalls and other security
measures.


Phishing, adware, spyware and spam also increased in the first half of the
year.


According to Symantec, the volume of phishing messages grew from an average
of 2.99 million messages a day in the second half of 2004 to 5.7 million per
day in the first half of 2005.

From January to June, one out of every 125
e-mail messages scanned by Symantec’s anti-spam filters was a phishing
attempt, an increase of 100 percent from the July-December 2004 reporting
period.


Symantec also observed that spam made up 61 percent of all e-mail traffic in
the most recent reporting period. Despite the CAN-SPAM law, Symantec reports
that 51 percent of all spam received worldwide originated in the United
States.


Of the top 10 adware programs reported, five hijacked browsers. Six of the
top 10 spyware programs were bundled with other programs and six were
installed through Web browsers.


In a new trend, Symantec says modular malicious code — code that has
limited functionality initially but then downloads additional functionality
once a system has been infected — is also increasing.

News Around the Web