CHENNAI, INDIA: Trend Micro, Inc. today published the TrendLabs Semi-annual Threat Roundup and Forecast.
The era of the global malware outbreak is over. Today’s malware threats attempt to remain undetected and now often go after users in a specific region, country or group.
These new attacks are of blended and sequential nature. They use combinations of malware, each of which plays a role in the delivery of the payload. Using the Web for delivery, update and entrenchments, such insidious attacks report back stolen information to the perpetrator, with the end goal of making money.
In the first six months of 2007, TrendLabs tracked several examples of just how the threat landscape has evolved, including “Storm” at the beginning of the year and the “Italian Job” most recently in June.
In an effort to provide comprehensive and reliable analysis, TrendLabs is examining new methods for analyzing and understanding the evolving threat landscape. The Semi-Annual Threat Roundup and Forecast examines threats in the following categories:
Infrastructure vulnerabilities
Threats that originate from the existence of security weaknesses in applications, network architecture or operating systems.
High-impact threats
Threats that have the capacity to cause very high localized damage. Examples include global outbreaks and targeted attacks.
Content-based threats
Threats, which are delivered to the target victim as part of content, such as phishing or spam.
Process-based threats
Threats in the form of an executable application resident on the host PC. Examples include malware, spyware and adware.
Distributed threats
Threats, like bots, where the infection is used to mount an attack on a third-party victim.
Perhaps the most disturbing finding within the report is the persistent rise in the use of bots and botnets to distribute spam and malware, and perpetrate cyber crimes. Botnets remain the most powerful tool at malware authors’ disposal in the bid for computer automated crime.
Going forward TrendLabs expects that these Web threats will continue to permeate the online computing experience for users all over the world, as long as the deployment of malicious code remains a profitable enterprise for malware authors.