Feeds

VXers suffering from 'writer's block'

Same old, same old

The Essential Guide to IT Transformation

Virus writers have run out of fresh ideas for the creation of malware, according to a study by Russian anti-virus firm Kaspersky Lab.

Kaspersky reckons that while the hacking community is developing "proof of concept" code for new platforms, it is unlikely that this work will result in malware capable of causing much damage.

"The overwhelming trends throughout 2006 indicate that the well of truly new ideas has run dry. Virus writers are feverishly trying to defend their creations against new protective technologies by creating proof of concept code for new platforms.

"However, these creations do not yet have a footing in reality: we are not seeing threats that would be able to cause millions and millions of pounds of damage, as Klez, Mydoom, Lovesan [the Love Bug] and Sasser did in the past," said Alex Gostev, senior virus analyst at Kaspersky Lab and author of its report Malware Evolution: July - September 2006.

Gostev reckons virus writers are suffering from a form of writer's block that means malware authors - much like Hollywood production studios - are churning out a string of uninteresting sequels devoid of fresh ideas.

"Threats are no longer global and are not effective for as long as they used to be. There's nothing really new taking place. It's the same unending stream of Trojans, viruses, and worms - the only difference is that the numbers have significantly increased," Gostev said.

Kaspersky reckons the battle between VXers and security firms has reached a stalemate. Although anti-virus firms have taken steps to speed their reaction time and improve heuristic technologies capable of identifying malware strains without fresh signature updates, the bad guys have learned to live with faster reaction times or else concentrated their efforts on users who fail to deploy adequate security protection. Gostev thinks the present impassé is unsustainable and either VXers or the anti-virus community will gain the ascendancy over coming months.

The report also looks at key malware trends over the period between July and September 2006. Over the period, virus writers concentrated their efforts on a variety of Microsoft Office vulns that became exposed, often timing the release of malware with Microsoft's patch schedule to maximise the potential for mischief. Chinese hackers have been particular active in this area. Kaspersky advises Microsoft to brace itself for another wave of attacks likely to accompany the release of Office 2007 later this year.

One of the few significant advances by VXers over the period came with the release of Mobler, a cross-platform virus capable of infecting both Symbian and Windows systems. The proof-of-concept code failed to cause much harm but might become a template for more dangerous attacks, Kaspersky warns. Also of note on the mobile virus front was a new version of Comwar, which used file infecting technologies as well as traditional MMS and Bluetooth propagation methods in order to spread.

Kaspersky warns that a recent vulnerability in the Wi-Fi function of Intel Centrino processors, discovered in August, might also lend itself to exploitation by virus writers even though such a threat has failed to materialise as yet. ®

Build a business case: developing custom apps

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.