Feeds

Zombie bots fuel spyware boom

It's raining malware buy our umbrellas today, says McAfee

  • alert
  • submit to reddit

Website security in corporate America

Virus writers are up upping their production rates with a 12 per cent increase in the number of new items in malware in the second quarter of 2005. McAfee's Anti-virus and Vulnerability Emergency Response Team (AVERT) reports that spam-propagating bot programs, adware and spyware were the greatest net security threat in Q2 2005.

Zombie bots such as Gaobot, MyTob and SDbot are often central to the spread of spyware. "In just the first and second quarters of 2005, the number of exploited machines using backdoor techniques has increased over 63 per cent from the total at the end of 2004," said Vincent Gullotto, VP of McAfee AVERT. "This often resulted in spyware and adware being downloaded onto affected systems."

McAfee AVERT saw a 12 per cent increase in the number of new Potentially Unwanted Programs (PUPs) AKA adware and spyware packages - created in Q205 compared to Q1 2005. The most prevalent nuisance programs spotted by McAfee were the 180Solutions and abetterintrnt adware packages. Continuing a recent trend, several MyTob variants dropped hundreds of adware files, including components of 180Solutions, helping to explain the wide spread of this form of malware.

A well as these emerging threats, McAfee also noticed an increase in money making cyber scams. A recent McAfee study into organised crime and the internet suggests that there is a "new hierarchy of cybercriminals", and that each level, from amateur to professional, has different tactics and motives.

"The most interesting development in recent years is cyber gangs, who sit at the top of this cybercrime chain. These advanced groups of career criminals and hackers agree to cooperate, plan and execute long term attack strategies that are of little interest to the socially-motivated hacker or script kiddy," McAfee reports.

The security firm adds that the number of vulnerabilities on various software platforms topped 1,000 in Q2 of 2005, approximately 5 per cent up on its figures for the same period last year. ®

Top Threats in Q2 2005, according to McAfee (listed alphabetically):

  • Exploit-Byteverify
  • MyDoom.BG
  • MyTob.gen
  • NetSky.Q

Related stories

VXers creating 150 zombie programs a week
Malware authors up the ante
Anti-spam success drives malware authors downmarket

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Blood-crazed Microsoft axes Trustworthy Computing Group
Security be not a dirty word, me Satya. But crevice, bigod...
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.