BOTS in particular continue to plague enterprise companies and home users because of their ability to inconspicuously take over a user's computer and remain hidden while they launch their malicious attacks. McAfee AVERT has seen an obvious increase in attempted machine hijackings.
"In just the first and second quarters of 2005, the number of exploited machines using backdoor techniques has increased over 63 percent from the total at the end of 2004," stated Vincent Gullotto, vice president of McAfee AVERT. "This often resulted in spyware and adware being downloaded onto affected systems. Thus spyware has continued to be a major problem. There are four anti-spyware bills working their way through Congress to help tackle this growing problem, but we believe the problem is only going to get worse. Consumers and enterprises are becoming more and more aware of the need for various security technologies to protect their machines and networks."
Major Threats for Q2, 2005
The top malicious threats in Q2 are listed alphabetically and identified by the McAfee AVERT name schema:
- Exploit-Byteverify
- W32/Mydoom.BG@MM
- W32/Mytob.gen@MM
- W32/Netsky.q@MM
Top BOTs for Q2, 2005
The number of BOT-related cases increased by 303 percent from Q1 to Q2 2005 (from just over 3000 cases to just under 13000). BOT families that account for this increase include:
- Gaobots
- Mytobs
- Polybots
- Sdbots
The following, while not malicious threats, are the PUPs most commonly identified by McAfee technology and reported by customers to AVERT. They are listed alphabetically:
- Adware-180Solutions
- Adware-abetterintrnt
- Adware-BB
- adware-dfc
- Adware-GAIN
- Adware-ISTbar.b
- Adware-RBlast.dldr
- Downloader-kl
- IPSentry
- RemoteSpy
Adware has become a major concern for both consumers and enterprises and continues to rise. McAfee AVERT saw a 12 percent increase in the number of new PUPs created in Q2 2005 from Q1 2005. Continuing a recent trend, several Mytob variants dropped hundreds of adware files, including components of Adware-180Solutions, Adware-BB, Adware-DFC, Adware-ISTbar, Adware-Sidefind, Adware-ExactSearch, Adware-abetterintrnt and Adware-SAHAgent.
The most interesting development in recent years is cyber gangs, who sit at the top of this cybercrime chain. These advanced groups of career criminals and hackers agree to cooperate, plan and execute long-term attack strategies that are of little interest to the socially-motivated hacker or script kiddy. With the increasing sophistication of cybercrime, from phishing to social engineering and Internet scams, the report raises awareness of how organized crime and cybercrime are developing and how businesses and individuals can protect themselves against criminal activity.
Mobile Viruses Remain a Growing Threat
Researchers discovered a technique for compromising the Bluetooth authentication protocol and potentially gaining control of Bluetooth-enabled mobile phones, even when the handsets have security features switched on. The technique allows an attacker with specialized equipment to connect to a Bluetooth handset without authorization. Once the connection is established, the attacker could potentially gain access to the handset's resources to make calls on the target's handset, siphon off data, or access data services via the compromised handset.
AVERT Recommendations
In an effort to address the above threats and malicious programs, McAfee AVERT recommends that both enterprises and consumers constantly stay updated with the latest DATs, install the latest patches, employ current spam filters and implement a multi-layered approach to detecting and blocking attacks.