The rise and rise of the quiet trojan

By on

Trojans made up more than 80 per cent of new malware infections over the past six months, according to research from Sophos. Graham Cluley, senior technology consultant at Sophos, said it was because "financially-motivated hackers don't want to infect millions of emails because it draws attention to their malware".

Previously, hackers wrote viruses and worms that indiscriminately targeted large groups in order to show off their skills. But criminal gangs are now going after small, specific groups of people with trojan attacks, because it increases the chance of users surrendering bank details or other data which could be used for identity theft.

"Today's cybercriminal is typically writing trojans to steal money from innocent internet users," said Cluley.

Raimund Genes, CTO at Trend Micro, agrees. "Professional malware writers today don't want to make a big fuss. The worst that could happen to them is for their malware to get noticed," he said. New threats no longer pop up and visibly shut systems down, but keep users unaware as details are being siphoned away.

One type of dangerous trojan to emerge this year is ransomware, which "kidnaps" data and files from a user and then demands payment for its release or risk losing it.

Virus infected email, on the other hand, has dropped from one in 35 emails in 2005, to one in 91 emails, according to the study. That said, the Sober-Z virus, lasted six days earlier this year but spread like wildfire across unprotected computers and infected one in 13 emails at its height.

The amount of virus-infected email we do see may be down to home users, who are "only updating their anti-virus once a week at best, which isn't good enough", warned Cluley. For example, the Netsky virus is still ranked third in Sophos' most prevalent malware families despite there being patches available to block it, and its writer, Sven Jaschan, being arrested two years ago.

Cluley said that the launch of Microsoft's Windows OneCare, a security product for the home user, might bring a decrease in this type of activity, as many will be drawn to the brand name.

Microsoft has announced that it is developing an enterprise suite of security software called Forefront, which they expect to be available to businesses early next year. But this may not be enough.

"The challenge will be IT administrators, who are notoriously cynical, as well as businesses who just aren't running the latest versions of Windows. They still want to virus-protect their Unix machines, Apple Macs, OS/2, all kinds of operating systems – none of which I can see Microsoft protecting," said Cluley. "Microsoft will have to realise that protecting enterprises is going to be a different kind of challenge than protecting home users."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition

Most Read Articles

Log In

  |  Forgot your password?