In its 2008 first half data security summary, F-Secure reports malware growth rate at a higher level than ever before. This recent explosion of malware doesn’t necessarily represent new types of threats. It is largely the packing, encryption, and obfuscation of existing families of trojans, backdoors, exploits, and other threats which is now done with industrial efficiency.
What the increasing use of self-defense technologies in malware represents is the ever growing professionalism within the crime-ware community.
The first half of 2008 has witnessed a growing number of targeted malware attacks on individuals, companies, and organizations. In a targeted malware attack, the attacker profiles his victim and sends an e-mail using the recipient’s name, title, and perhaps references to his job function. The message’s content is typically something that the recipient would expect to receive via e-mail.
Targeted malware attacks are also being used for political and military motives. During the recent clashes between Tibetans and the Chinese military, the battles on the streets were accompanied by political espionage on the Internet. Human rights groups, pro-Tibet organizations and individuals supporting the freedom of Tibet were attacked with a carefully targeted and technically advanced e-mail campaign that attempted to infect their computers in order to spy on their actions.
Additionally the first half of 2008 brought some new ways to infect PC’s, as well as “jailbreaking” for mobile phones.
To see more on the topic, visit F-Secure’s video channel for a 9 minute recording focusing on the Data Security Wrap-up.