Costin Raiu, Chief Security Expert for Kaspersky Labs, recently highlighted several growing trends within the malware sphere which South African users need to be wary of.
According to Raiu, the distribution of malware and other malicious material to PCs is now chiefly carried out via host websites, through which users are either tricked into manually running malware programs or are infected automatically.
“Of course, cybercriminals constantly change their tactics in order to combat countermeasures,” says Raiu. This has resulted in two marked current trends.
The first lies in the deployment of ‘0-day’ vulnerabilities. These reside within new programs which do not yet have deployed patches to address the security issues. As a result, these can “be used to infect even fully up-to-date computer systems which are not running a dedicated security solution”.
“0-day vulnerabilities are a valuable commodity due to their potentially serious impact, and they usually sell for tens of thousands of dollars on the black market,” revealed Raiu.
In addition, Raiu said that Kaspersky is currently “seeing a spike in the type of malware designed to steal confidential information that can later be sold on the black market. Such information includes credit card numbers, bank account details, passwords for websites such as eBay or PayPal, and even passwords for online games such as World of Warcraft.”
The widely held perception of hackers and malware writers as singular, malicious individuals has also been debunked. Organised syndicates operating from Russia and China with a global reach are now chiefly responsible for the majority of malware and spam currently circulating the globe; the primary motive, says Raiu, is profit.
“One of the obvious reasons why cybercrime has become so widespread is because it is profitable; this profitability will always drive the development of new cybercrime technologies,” said Raiu.
Exponential threat increase
What is arguably most startling about this information is the near-exponential rise in online malware infections in the past few years.
“There has been a sharp rise from the roughly 1 infected website in every 20,000 or so websites in 2006 to the current maximum of 1 infected website in every 150 at the beginning of 2009,” says Raiu.
Although the percentage of infected websites now fluctuates around this number, suggesting that a saturation point has been reached, Raiu added that the number could rise and fall according to how quickly developers can identify new weaknesses online.
In order to avoid infection, Raiu urges internet users to stick to modern, widely used browsers such as Firefox 3.5, Chrome 2.0 and Internet Explorer 8.0. These browsers feature in-built URL filtering, which is designed to identify websites that are infected with malicious material.