Ever long for the good old days when all viruses did was stomp on the FAT
Recently, McAfee’s Avert Labs encountered a new type of password stealer that uses Voice over Internet Protocol (VoIP) telephony provider Skype’s network to propagate. There is no vulnerability in the Skype service itself, the Trojan just uses the Skype network to move about, according to David Marcus, security research and communications manager at McAfee’s Avert Labs.
The Trojan, called PWS-JO by McAfee, Downloader by Symantec and Win32/Scypex.A by Microsoft, is considered low risk, as there are very few instances of it being found and all of the major antivirus programs will detect it. What it reflects, Marcus said, is that virus distribution has moved beyond just e-mail and Web links to a new network, in this case, VoIP
Password stealing Trojan viruses grew by 240 percent this year, making them the largest genre of malware
Marcus said Avert gets between 8,000 and 9,000 submissions per day, and around 100 to 150 are totally new viruses, most often Botnets and password stealing Trojans. The methods for infection remain largely the same.
“Some use spamming, a lot of the times it’s by social engineering sites that use browser vulnerabilities,” he told internetnews.com. “Attachments still work wonders. I guarantee you you’ll get two percent success, and that’s all they are looking for, the low hanging fruit. That’s still amazingly successful after all these years.”
Avert found around two-thirds of all password stealers are aimed at banks and financial institutions. Marcus said those groups have been very good at protecting their systems, but the problem is password stealers re-route the computer from a valid site to a fake one.
But the next-largest target for password stealers may surprise some: massively-multiplayer online games (MMOs), like Blizzard’s World of Warcraft and Sony Online Entertainment’s EverQuest.
They don’t want the characters, they want either the credit card and billing information for the account, or better yet, the in-game loots from the virtual economies of these games.
Virtually every online game has people who don’t play for fun but to amass in-game money and items, which they sell for real world dollars to players who don’t have the time or effort to make their own. “The economy of MMOs is huge,” said Marcus.
In 2007, Avert sees malware using peer-to-peer networks and instant messenger networks, since they assume a constant connection between clients. Marcus also said that there’s a rise in media malware, audio and video files, because people often don’t scan them.
But, he added, don’t worry. “We don’t think it’s doomsday. We are confident in our ability to deal with it. So even though we’ve seen a rise in these areas, we don’t think people should go home and shut off their computers,” he said.