Exploiting vulnerabilities to infect computers has become a priority for cyber-crooks
Over the last few months we have witnessed a notable increase in exploits of security problems in commonly-used programs that could allow remote attacks by cyber-crooks. This situation is due to the new malware dynamic, in which the main objective is financial gain. Internet criminals are concentrating their efforts on discovering and exploiting security problems that allow them to harvest as much confidential user data as possible. This data is then used for online fraud and identity theft.
In particular, criminals are on the lookout for vulnerabilities in applications installed on millions of computers. Last week for example, Microsoft released the MS06-052, MS06-053 and MS06-054 patches corresponding to security problems in products such as Internet Explorer or Microsoft Office.
One notable example of the new malware dynamic is the MS06-040 vulnerability, perhaps the most serious of those detected recently. It only took a few hours until the Oscarbot.KD worm started to exploit it. The aim of this worm was not to spread to millions of computers in just a few minutes, but to allow an attacker to take all sorts of actions infected computers.
Targeted attacks are just one of the problems in the current Internet threat panorama. As these attacks frequently use malicious code designed à la carte and sent to a limited number of potential victims, users are generally unaware of their presence, and as they remain hidden on systems, security companies are also oblivious to them and cannot therefore generate the corresponding vaccines.