Helsinki, December 4th, 2007 - In its 2007 data security summary, F-Secure reports a steep increase in the amount of new malware detected during 2007. In fact, the cumulative number of malware detections doubled during the year, reaching half a million. This indicates that network criminals are producing new malware variants in bulk.
"We've never seen as many samples arrive at our labs", says
Mikko Hypponen, Chief Research Officer at F-Secure Corporation. "We
would be unable to handle such huge sample loads if we had not
built a high degree of automation into our malware analysis
systems over the past years", he continues.
While no truly new malware technologies were seen, the existing
ones were refined and adapted for much greater effectiveness.
Social engineering remains a key method for propagating malware,
and more productive malware development tools and kits are
increasingly used by the criminals.
One example of a refined technology was the "Storm Worm" botnet.
The successful social engineering methods the Storm gang used
during the first half of 2007 were further developed in the second
half of the year. The technical setup of the Storm botnet is also
unique: in addition to using a novel peer-to-peer setup to avoid
a single vulnerable central point of control, the botnet is
capable of using DDoS attacks to retaliate against anti-virus
researchers investigating the botnet. Such aggressive behavior from
the botnet makes it necessary for researchers to use caution in
their work, especially as the potential computing power of the
Storm botnet is quite significant.
Understandably, financial transactions remain a favorite target
for network crime. The number of phishing sites continues to
increase, but as bank customers have become more aware of this
threat the criminals have started employing more sophisticated
techniques. One example of this is banking trojans that use methods
such as injecting themselves directly into the browser application
(Man-in-the-Browser attacks).
Other growing data security phenomena during 2007 included
parasitic behavior, like the Zlob DNSChanger, and increasing
security exploit activity for Apple products, including Macs,
iTunes and the iPhone. The vulnerability of large databases
containing personal data has also become an issue, with several major
leaks reported during the year including tens of millions of, for
example, credit card numbers or bank account information. Such leaks
enable so-called "spear phishing" attacks with very well targeted
information. The increased popularity of social networking services
carries similar risks.
On the mobile security front, Symbian S60, as the most popular
smartphone platform, has done a good job of curbing malware with its
3rd edition software. Nevertheless, we continue to see spy-tools
for the Symbian S60 3rd edition platform. Despite the fairly
tightly controlled Symbian signing process for applications,
spy-tools are able to get through the process by being submitted as,
for example, "back-up" software. The increasing popularity of
"unlocking" the security controls of both iPhone and Symbian phones
is also introducing increased risks for the unlocked phones.
The full 2007 Data Security Wrap-Up is available at
http://www.f-secure.com/2007/2/
F-Secure predicts the increase in malware volume will continue
in 2008. The criminals are successfully creating a network-based
underground ecosystem, trading malware development tools,
skills, capabilities and resources ever more effectively. At the
same time, the reach of law enforcement agencies remains limited
in the global network domain. 2008 will be a challenge of
endurance.
About F-Secure Corporation
F-Secure Corporation protects consumers and businesses against
computer viruses and other threats from the Internet and mobile
networks. F-Secure’s award-winning solutions are available as a
service subscription through more than 150 Internet service
providers and mobile operator partners around the world, making
F-Secure the global leader in this market. The solutions are also
available as licensed products through thousands of resellers
globally. F-Secure has received the Frost & Sullivan 2007 award
for Distribution Strategy Leadership. The company aspires to be the
most reliable security provider, helping make computer and
smartphone users’ networked lives safe and easy. This is
substantiated by the company’s independently proven ability to
respond faster to new threats than its main competitors. Founded in
1988 and headquartered in Finland, F-Secure has been listed on the
OMX Nordic Exchange Helsinki since 1999. The company has
consistently been one of the fastest growing publicly listed
companies in the industry. The latest news on real-time virus
threat scenarios is available at the F-Secure Data Security Lab
weblog at
http://www.f-secure.com/weblog/ .
For more information, please contact:
F-Secure Corporation
Mikko Hypponen, Chief Research Officer
Tel. +358 (0)400 648 180
Email:
firstname.lastname@f-secure.com
Henrietta Malmari, Corporate Communicator
Tel. +358 40 575 5646
Email:
firstname.lastname@f-secure.com