Security researchers have warned that sudden impact viruses, such as the Slammer worm, which cause immediate widespread damage to IT systems are being superseded by slow-burning worms where the focus is on avoiding detection.
According to F-Secure, virus writers are putting more time into making their viruses stealthy in an attempt to sneak them past antivirus software. Malware authors, many of whom now use viruses as a way of making money, are regularly testing their viruses against antivirus packages, said Mikko Hyppönen, director of antivirus research for F-Secure.
"Because virus writers make money from viruses they can test them to a professional level," said Hyppönen. "None of the existing antivirus programs will find these viruses. You can't see anything in the registry, which makes them hard to detect. They try to hide their processes."
Slammer managed to infect 90 percent of vulnerable hosts within 10 minutes of being released as it raced around the Web, disrupting IT networks worldwide. But because the worm caused such damage, most IT staff were quick to patch against it.
Hyppönen said that no one has seen a really hard-hitting worm since May last year and believes this is because virus writers have changed their approach. Many new viruses attempt to install key loggers that can record passwords and personal details, according to Hyppönen, so by attracting less attention the viruses should be more successful.
Mass-mailing worms Bagle, Sober and Netsky all created or manipulated botnets — thousands of compromised computers networked, typically for malicious use. Hyppönen said that so far no slow-burning worms have been found to have this capability.
Talkback
Sorry to be pedantic, but don't you mean *Microsoft* Viruses? I know it goes without saying that 99% of any security problems don't affect any of Microsoft's competitors. In the same vein, it should be said loudly, clearly and often or the situation will not improve.
If consumers move to other less vulnerable platforms and applications, then the situation improves.
"Malware authors, many of whom now use viruses as a way of making money ...". How do they make money from writing viruses?
Geoff
By stealing your online-banking details and emptying your account, perhaps?
As a former member of an escalations team assigned to deal with the about:blank hijacker, I have found that click-through and marketing data are sources of revenue for hackers...That is where the money comes from.
Fortunately, these hackers are in it for a profit. There are worse tactics they could use than we have seen outside of the zoo.
--684867