Join our Mailing List

"As long as human rights are violated, there can be no foundation for peace. How can peace grow where speaking the truth is itself a crime?"

F-Secure Reports Malware Growth at a Higher Level Than Ever Before

June 26, 2008

Press Release News
Earth Times/Business Wire
June 24, 2008

SAN JOSE, Calif. - (Business Wire) In its 2008 first half data
security summary, F-Secure reports that malware is growing at a
faster rate than ever before. This recent explosion of malware
doesn't necessarily represent an increase in new types of threats. It
is largely the packing, encryption, and obfuscation of existing
families of trojans, backdoors, exploits, and other threats, which is
now done with industrial efficiency. The increasing use of
self-defense technologies in malware represents the ever-growing
professionalism within the crime-ware community.

"I have a nasty feeling that the situation is getting worse, not
better," says Patrik Runald, Security Response Manager at F-Secure
Corporation. "However, we are not giving up, either."

The first half of 2008 has seen a growing number of targeted malware
attacks on individuals, companies, and organizations. In a targeted
malware attack, the attacker profiles his victim and sends an e-mail
using the recipient's name, title and perhaps references to his job
function. The e-mail appears to come from a legitimate source, such
as the Better Business Bureau or the IRS, and the message's content
is typically something that the recipient would expect to receive via
e-mail. The e-mail prompts the victim to visit a website that then
infects his computer with malware that allows the attacker to steal
sensitive information from the victim's browser.

Targeted malware attacks are also being used for political and
military motives. During the recent clashes between Tibetans and the
Chinese military, the battles on the streets were accompanied by
political espionage on the Internet. Human rights groups, pro-Tibet
organizations and individuals supporting the freedom of Tibet were
attacked with a carefully targeted and technically advanced e-mail
campaign that attempted to infect their computers in order to spy on
their actions.

Additionally the first half of 2008 brought a rise in SQL injection
attacks, in which an attacker uses a popular website to infect
visitors with malware by taking advantage of a common back-end
vulnerability. The exploited vulnerability is so common that these
attacks have destroyed the idea of a 'trusted website,' and F-Secure
estimates that two to three million web pages have already been affected.

For more information, the full 2008 first half data security wrap-up
is available at
CTC National Office 1425 René-Lévesque Blvd West, 3rd Floor, Montréal, Québec, Canada, H3G 1T7
T: (514) 487-0665
Developed by plank