Top Computer Viruses And Spam Originators In 2004
In a recently published report, Sophos, one of the world's leading anti-virus and anti-spam firms, confirmed what we had all expected - computer virus writers have become more inventive in 2004 and their viruses more destructive.
Photo credit: Judi Seiber
The report reveals that the Netsky-P worm, which was first seen in March 2004, has accounted for almost a quarter of all virus incidents reported, making it the hardest hitting virus of 2004.
Meanwhile, North America, particularly the United States, continued to contribute the most to worldwide spam, with nearly 48% of all spam being sent from North American computers during 2004.
According to Gregg Mastoras, senior security analyst at Sophos Inc., "Unfortunately, in 2004, we saw increased collaboration among cybercriminals through organized crime rings and collusion between virus writers and spammers. In 2004, we also saw financial motivation become the driving force behind spam and viruses."
Sophos researchers have identified 10,724 new viruses so far in 2004, a 51.8% increase in the number of new viruses, bringing the total viruses in existence to 97,535. Of these, Netsky variants accounted for 41.6% of all viruses reported to Sophos, capturing an unprecedented five of the top ten slots on this year's Top Ten round-up.
German teenager Sven Jaschan, who wrote both the Netsky and Sasser worms, is responsible for more than 55% of all virus reports in 2004.
Jaschan was apprehended and confessed to his involvement in May 2004, but his worms continue to spread. In November 2004, eight months since its original discovery in March, Jaschan's Netsky-P worm was still the world's most widely reported virus.
The United States continues to lead the world in spam, accounting for more than two of every five spam emails. Despite CAN-SPAM legislation and the Operation Web Snare crackdown in August, where the Department of Justice arrested over 150 people in connection with online computer crimes, US computers originated over 42% of all spam, more than three times the amount from the second largest spamming country, South Korea.
In 2004, spammers became more inventive using new obfuscation techniques, rotating domain names and hiding their domain owner information. In the past 12 months, the speed at which they use new techniques has gone from weeks and days to hours and minutes - soon it will be seconds.
A number of new spam campaigns made their debut in 2004, widening the content beyond the typical prescription drug and mortgage application emails.
According to the Anti-Phishing Working Group, in October alone, phishing campaigns hijacked more than 44 brands worldwide. New 2004 spam campaigns included:
- Work from home/prepare to succeed
- Training courses and well-paid jobs in financial sectors
- Rolex and other counterfeit products
- Religious spam that urges users to convert
Cybercriminals are involving innocent users in a wider variety of scams and unprotected users are at risk at unknowingly abetting crimes through remote control and use of their computers. Over 40% of spam comes from PCs that have been hijacked by viruses. Some worms have used armies of zombie computers to launch distributed denial of service attacks against major organizations' and government websites around the world, as well as against online betting websites, anti-virus and anti-spam companies. In addition, phishers are recruiting mules in complex money-laundering schemes through legitimate seeming requests.
A new generation of phishing was identified, which used Trojans to steal personal information from users visiting legitimate sites.
From phishing emails that warn consumers of phishing to money laundering rings, phishing scams have become both more elaborate and more graphically realistic in 2004. Most worrisome, however, are a new generation of phishing attacks that wait for users to visit real banking websites before surreptitiously monitoring and secretly recording the login process through Trojan horses.
Despite an increase in law enforcement, the volume of threats, such as viruses and spam, continues to rise. 2004 heralded a significant increase in arrests in both the virus and spam communities. Well-publicized arrests include Jaschan and the US Department of Justice's "Operation Web Snare" in August, where more than 150 people were either arrested or convicted in connection with online computer crimes.
Unfortunately, this is but a small fraction of the perpetrators in existence, and some criminals, such as Jaschun and 29A virus-writing gang member Marek Strihavka, are being rewarded by security companies who employ them after their arrests.
So what will 2005 look like? According to Sophos' Gregg Mastoras,
"In 2005, we're going to see more mass-mailing worms like Netsky and Bagle. Spammers will keep on spamming. All of these criminals will continue to collude and create inventive attacks. But by working together, the security industry, the government, the business world and the public at large can all find ways to make these attacks less profitable and less impactful, thus lessening the draw for these criminals."
blog comments powered by Disqus