Untitled Document
www.expresscomputeronline.com WEEKLY INSIGHT FOR TECHNOLOGY PROFESSIONALS
04 May 2009  
Untitled Document
Sections

Market
Management
 Technology
Technology Life

Express Intelligent Enterprise

Events

Technology Senate
Technology Sabha
Services
Subscribe/Renew
Archives
Search
Contact Us
Network Sites
Exp.Channel Business
Express Hospitality
Express TravelWorld
feBusiness Traveller
Express Pharma
Express Healthcare
Express Textile
Group Sites
ExpressIndia
Indian Express
Financial Express

Untitled Document
 
Home - Technology - Article

Brief

F-Secure releases IT threat summary for the 1st quarter of 2009

During the first three months of 2009, the F-Secure Security Labs have been dealing with worms, worms and more worms. We’ve seen the Conficker worm still digging away, social worms on Facebook and the first mobile worm.

The biggest malware story of 2009 so far has been the Conficker (aka Downadup) worm. It is a classic worm exploiting vulnerabilities in Microsoft Windows, of the type that has not been seen in the past few years. However, Conficker has advanced features such as heavy encryption, a peer-to-peer functionality meaning that infected computers can communicate with each other without the need for a server, and the ability to convert and update itself.

Mikko Hypponen, F-Secure’s Chief Research Officer said, “The authors behind Conficker are professionals. They have infected millions of computers, and could do anything they wanted with them. The mystery is why they haven’t done that. Not yet, anyway.”

Conficker changed operation modes on April 1st, gaining front page media coverage world-wide. However, the gang behind the worm still took action with their botnet. The mystery continues.

Worms have also started using social networking. The latest variant of the Koobface worm spreading on Facebook steals your logon credentials for Facebook. It logs in, steals your picture and friends’ e-mail addresses, creates a fake YouTube page with your Facebook photo and then sends an e-mail to your friends saying they’ve been tagged in a video on YouTube.

“When you get a message in Facebook from a friend, you tend to trust the message to be real. And when people follow a “funny link” to a video and are prompted to “update” their player, they easily fall for these attacks,” Hypponen explained.

The first quarter was also historical as it saw the birth of the first SMS worm, Sexy View, designed for smartphones. Sexy View, like Koobface, is a social engineering worm which uses the contacts stored on your smartphone to spread. It sends a text message to your contacts telling them to check out some hot pictures and offers a link to a website.

Your contacts follow the URL because it came from you. They are asked to install an application, which now sends the worm to all their contacts. The worm sends the information about the phone to its makers who then use this information to send SMS spam.

“Sexy View is important in many ways,” Hypponen continues, “It is the first text message worm ever. It’s also the first mobile phone worm that circumvents the signature checks that are meant to secure the latest smartphones. And the motive behind it seems to be to collect information for mobile phone spamming purposes. Mobile phone spam is already a big problem in some parts of the world – eventually it will be an issue everywhere.”

 


Untitled Document

UNSUBSCRIBE HERE
Untitled Document
© Copyright 2001: The Indian Express Limited. All rights reserved throughout the world. This entire site is compiled in Mumbai by the Business Publications Division (BPD) of The Indian Express Limited. Site managed by BPD.