Feeds

Stealth techniques push malware under the radar

Roots you, sir

The Essential Guide to IT Transformation

Increased use of stealth techniques such as rootkits is leading to fewer reports of new viruses, according to a study by net security outfit VeriSign iDefense.

Since 2003, VeriSign iDefense has been collecting and recording information on every uniquely identifiable malicious code, using public and private resources. Discovery of malicious codes was steadily growing between 2003 and 2005, but from January to June 2006 VeriSign iDefense noticed a significant downward trend each month.

Its conclusions are markedly different from those of anti-virus vendors, who report a decrease in mass-mailing worms but an increase in more targeted attacks.

VeriSign iDefense has a number of theories about why it is seeing fewer examples of malware doing the rounds. For one, anti-virus programs may be improperly detecting polymorphic codes as older variants or code families. Then again, malware authors might be turning to phishing and pharming attacks as a means to rack in illicit funds. As such attacks grow in popularity, the theory goes, they might start to replace malicious codes as a means to gain personal information for financial gain.

While it's true that phishing attacks are gaining in sophistication, VeriSign iDefense neglects to mention that key-logging Trojans are one of the most effective means to gain secret account information.

However, the company believes the most significant factor in the decrease of malware it reports is the increased use of rootkit techniques. Rootkits, designed to push malware "under the radar", are increasingly foiling anti-virus programs and other security techniques, it says.

VeriSign iDefense reckons the number of malicious codes installed today is still significant, but simply not being detected.

Senior malicious code analyst Frederick Doyle said: "Levels of spamming continue to be a good indicator of malicious code use, as those techniques are generally used by the same types of hackers. As the public improves in its defences against spamming, malicious code users are increasingly turning to different means of attack." ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Tor attack nodes RIPPED MASKS off users for 6 MONTHS
Traffic confirmation attack bared users' privates - but to whom?
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.