Symantec, Kaspersky issue threat reports


Trojans, vulnerabilities, spam and crime loom large.


Symantec

and

Kaspersky

have both released overviews of security dangers faced in the first half of 2006 this week, and both present a fairly gloomy picture.

The

Kaspersky

study showed a steady rise in new trojans, and new variants of existing ones, particularly backdoors, downloaders and data-stealing spyware, while self-replicating malware declined slightly. Also big between January and July, the nasties known as ‘ransomware’ or ‘extortionware’, encrypting data and demanding fees for the password, and also cyber-blackmail. 40% of web probes and attacks came from the US, while spam rose from a low of 44% in early January to a high of 86% in late February, and became steadily more criminalised – a trend which is expected to continue.

Also facing us in the future, the Russian firm predicts more spyware, and continued use of browser holes to initiate silent drive-by downloads onto the computers of unsuspecting users. Mobile phone hacking and malware are also expected to rise, as phones get more sophisticated and more widely used.

Browser holes were also highlighted in

Symantec

‘s report, with stats including 69% of vulnerabilites affecting web apps, 47% of all browser-based attacks targeting

Microsoft Internet Explorer

, which had a mere 38 vulnerabilities compared to

Mozilla Firefox

‘s 47, but left them unpatched for an average nine days compared to

Firefox

‘s one day.

Microsoft

‘s record on patch speed was good though, the fastest among OS vendors, along with

RedHat

, at 13 days to develop fixes, leaving

Apple

(37 days),

HP

(53 days) and

Sun

(89 days) in their dust.

Also logged by

Symantec

, an average 6,110 DoS attacks per day, mostly targeting ISPs in the US, with 20% of the zombies sitting in China and 42% of the herders based in the US. Phishing was up by 81%, with spam making up 54% of all email sent, 58% originating from the US. Phishing mainly focused on financial services, while spam’s favourite subjects were health-related. Almost 7,000 new viruses and worms were identified, but five of the top ten new malware families were trojans.

Coming up in the future, more polymorphism in viruses, attacks on new web technologies such as AJAX, potential

Windows Vista

vulnerabilities, and indeed more vulnerabilities in general.

The

Kaspersky

report can be read in full

here

.

Symantec

‘s study can be found

here

, with a summary press release

here

.

Posted on 26 September 2006 by

Virus Bulletin


Posted

in

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *