July 5, 2005 7:57 AM PDT

Soaring malware levels hint at criminal activity

Security company Sophos has seen a dramatic rise in the number of viruses, worms and Trojan horses this year as more organized criminals turn to cybercrime.

The company reported last week that it had detected 7,944 new pieces of such malware in the first six months of this year--almost 60 percent more than the same time last year.

The biggest growth was in Trojan horses, programs that can damage a user's files, steal information, or even create a backdoor that can be used to compromise a PC.

Trojan horses cannot self-propagate in the same way as viruses, so they have typically been less prevalent. According to Sophos, their increased popularity shows the extent to which the creation of malware, or malicious code, is increasingly becoming the preserve of professional criminals.

"There's been a shift towards Trojans to make money," said Graham Cluley, senior technology consultant at Sophos.

The IT security landscape has changed over recent months, with credit card fraud gangs, virus writing gangs, spammers and malicious hackers becoming more closely entwined, Cluley said. He cited three gangs who he said epitomized the threat: Superzonda, HangUp and ShadowCrew.

The U.S. Secret Service broke up the ShadowCrew in 2004, but Cluley warned that "they are now fractured" so it could be hard to keep track of individual offenders.

One factor in the malware increase may be the antispam legislation that has been passed in many countries. Although these laws have been condemned as toothless in some quarters, Cluley said the legislation has helped to educate users to avoid unsolicited mail. As such, spammers have been forced to widen their activities.

2005 has seen several high-profile instances of businesses being hit by cybercrime. In March, it emerged that police had foiled an attempt to steal 220 million pounds ($387 million) from Sumitomo Mitsui Bank using keystroke loggers.

The top 10 viruses detected by Sophos so far this year all took advantage of flaws in Microsoft products, as virus writers target what Sophos calls "the great unwashed public."

But attacks directed at specific organisations could also take advantage of problems in other software, Cluley said.

"We're also seeing vulnerabilities in Linux, Unix and Mac software too. No one's perfect," he said.

Alice Lander and Graeme Wearden of ZDNet UK reported from London.


Join the conversation!
It's nice to be a Mac user these days.
......Glad I don't really have to worry about this yet. It looks like it
will be a while before Mac users have to fret about malware. I have
been spyware, malware, virus free since 2001.
Posted by 198775425444042216790779840523 (102 comments )
So have I
..and I run Windows.
Posted by City_Of_LA (118 comments )
read the article again;

"We're also seeing vulnerabilities in Linux, Unix and Mac software too. No one's perfect," he said.
Posted by cturkin (59 comments )
I told you so...
One of the many articles referring to why Macs are more secure:
"SecurityFocus: 'Your Windows computer is not to be trusted;
buy a Mac and slip under the radar'

Wednesday, July 06, 2005 - 12:13 AM EST

"Left to its own meanderings, your Windows computer is not to
be trusted. Don't do any online banking unless you have a
router, a firewall, the latest anti-virus, the latest Windows
patches, the latest Windows OS, three anti-spyware applications,
and you fully understand what "phishing" means. If you don't
know what these are, what you're doing or how to properly
configure, secure and operate your own server, turn your
computer off. Or buy a Mac or Linux desktop and slip under the
radar," Kelly Martin writes for SecurityFocus."

Kelly Martin has been working with networks and security since
1986, and is currently the chief editor for Symantec's
independent online magazine, SecurityFocus.
Posted by 198775425444042216790779840523 (102 comments )
Track the owners
Track the owners of these sites and information will scare the
**** out of you, this I will personally guarantee. I have been
removing this spyware and dissecting it on a private level for over
three years now.

Right down to who owns these websites that are being marketed
by people like Claria. Hell, track the owners of the web sites
that Claria promotes and you will never install a piece of their
spyware again.

Yes, Claria produces and promotes spyware Billy.

Another reason to go buy a Mac.....I don't need to run anti-
spyware software...and you shouldn't either.

FYI....popups are created by us, web developers, there is
absolutely no need for popup software, period!
Posted by OneWithTech (196 comments )
Gosh, it's a good thing Sophos is around.
Otherwise all these criminal gangs would get us. What happened to the good old days when they just robbed us with chains and knives and beat up old ladies in the alley?

This is such a crock. Is today "Give Vendors Free Ad Space" day? I thought Joris Evers' column was tilted. I'm sure they're not making any numbers up. Just because they have a product to sell, and are the only source cited, doesn't mean they're lying, right?

I'll believe what is in this column when proof is given. When a published report is shown that has been verified by a neutral 3rd party. Until then, it would appear the authors simply mixed a press release around.

C|Net: You don't get any monetary compensation or free products to "test" for your articles, do you?
Posted by (9 comments )