Nasty Virus Writers Get Even Nastier

by Jay Wrolstad, cio-today.com

Malware practitioners are more prolific than ever these days and have reached a level of sophistication where the viruses they produce can spread across the Internet in minutes, according to a new report by security specialist Sophos.

Thus far this year, Sophos has detected nearly 8,000 new viruses, up

59 percent from the first six months of last year. At the same time, the average time from initial release to widespread infection is decreasing rapidly.

According to Sophos, there now is a 50 percent chance of being infected by an Internet worm in just 12 minutes of being online with an unprotected Windows PC.

Money To Be Made

For users, the latest virus report should serve as an incentive to be more diligent with security patches and other software updates, said Gregg Mastoras, senior security analyst at Sophos.

Mastoras attributes the potential profits from spyware and other attacks that let hackers obtain information -- such as bank-account data or credit-card numbers -- as a primary reason for the rise in virus activity.

In fact, he said, Sophos has seen a threefold increase in the number of keylogging Trojans so far this year. Once planted, these keyloggers run in the background and monitor a user's keystrokes, feeding passwords and other personal information back to the Trojan writer.

Zafi, Sober Worms Top the List

The long-running Zafi-D worm accounts for more than a quarter of all viruses reported to Sophos thus far this year. Dominating the top of the monthly virus charts for the first four months, this worm circulates under the guise of a Christmas greeting to trick users into opening an infected attachment.

"Protection against this worm has been around for a while, but infections are still being reported, which means consumers are not protecting themselves," said Mastoras.

The Sober-N worm also is nasty. Primarily, it uses file-sharing networks for distribution, then hides in the background of infected PCs before upgrading itself to a newer version to churn out spam from compromised machines.

Sophos noted that traditional PC threats seem to be consolidating, which makes it difficult to identify certain kinds of attacks as being spam, spyware or virus. Some Trojans, for example, infect user machines to engage in several kinds of malicious activities.

Moving Beyond Microsoft

While the ubiquity of Windows-based PCs makes them the preferred target, Mastoras said virus writers seeking personal information are showing greater interest in Linux, Unix and Mac systems.

As a result, businesses and others using alternative operating systems -- on desktops or servers -- should not let down their guard in the belief that they are not vulnerable to attack, he said.

"It's important for all users to update their OS with the latest patches and to use antivirus applications," Mastoras said.

Copyright 2005 NewsFactor Network, Inc.

NOTE: For more telecom/internet/networking/computer news from the daily media, check out our feature 'Telecom Digest Extra' each day at

. Hundreds of new articles daily.

*** FAIR USE NOTICE. This message contains copyrighted material the use of which has not been specifically authorized by the copyright owner. This Internet discussion group is making it available without profit to group members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of literary, educational, political, and economic issues, for non-profit research and educational purposes only. I believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner, in this instance, NewsFactor Network.

For more information go to: