Zombie bots fuel spyware boom

It's raining malware, buy our umbrellas today, says McAfee


Virus writers are upping their production rates, with a 12 per cent increase in the number of new items of malware in the second quarter of 2005. McAfee's Anti-virus and Vulnerability Emergency Response Team (AVERT) reports that spam-propagating bot programs, adware and spyware were the greatest net security threat in Q2 2005.

Zombie bots such as Gaobot, MyTob and SDbot are often central to the spread of spyware. "In just the first and second quarters of 2005, the number of exploited machines using backdoor techniques has increased over 63 per cent from the total at the end of 2004," said Vincent Gullotto, VP of McAfee AVERT. "This often resulted in spyware and adware being downloaded onto affected systems."

McAfee AVERT saw a 12 per cent increase in the number of new Potentially Unwanted Programs (PUPs) - AKA adware and spyware packages - created in Q2 2005 compared to Q1 2005. The most prevalent nuisance programs spotted by McAfee were the 180Solutions and abetterintrnt adware packages. Continuing a recent trend, several MyTob variants dropped hundreds of adware files, including components of 180Solutions, helping to explain the wide spread of this form of malware.

As well as these emerging threats, McAfee also noticed an increase in money-making cyber scams. A recent McAfee study into organised crime and the internet suggests that there is a "new hierarchy of cybercriminals", and that each level, from amateur to professional, has different tactics and motives.

"The most interesting development in recent years is cyber gangs, who sit at the top of this cybercrime chain. These advanced groups of career criminals and hackers agree to cooperate, plan and execute long term attack strategies that are of little interest to the socially-motivated hacker or script kiddy," McAfee reports.

The security firm adds that the number of vulnerabilities on various software platforms topped 1,000 in Q2 of 2005, approximately 5 per cent up on its figures for the same period last year. ®

Top Threats in Q2 2005, according to McAfee (listed alphabetically):

  • Exploit-Byteverify
  • MyDoom.BG
  • MyTob.gen
  • NetSky.Q
