Kaspersky: Anti-virus community now has upper hand on cybercriminals

The bad guys are in a creative crisis, and unable to conjure up new attacks to target networks, according to Kaspersky Labs most recent quarterly Malware Evolution report.

That "crisis of ideas" has resulted in cybercriminals barraging victims with familiar attacks, and therefore giving some advantage to the anti-virus community, said Alexander Gostev, senior virus analyst at Kaspersky Lab and the study’s author.

"The ball is now in our court. For the first time in many years, the anti-virus companies have the upper hand. Virus writers are concerned solely with earning dirty money and are incapable of coming up with new ideas, so instead they are trying to milk what they can out of old technologies – and the anti-virus industry is coping quite well," said Gostev. "The worst thing about the current situation is that quality has given way to quantity. The barrage of primitive malicious programs stealing things right and left continues to grow, but it’s more reminiscent of a battle between Rock 'Em Sock 'Em Robots than a battle of wills."

As the main historical events of the second quarter – which stretched from April to June – Kaspersky Lab cited politically motivated cyberattacks against Estonian authorities, the release of Apple’s highly anticipated iPhone, and the emergence of the MPack trojan-creation tool and the Viver mobile device trojan.

Shane Coursen, senior technology consultant at Kaspersky Lab, told today that a recent trend is attackers combining strategies into single attacks.

"We’re seeing a confluence of all these technologies, and basically all of these different technologies are coming together and being used in attacks that are all well timed and well targeted," he said. "We’re just seeing the bad guys get a lot smarter in how they implement their attacks."

Gostev said he expects viruses targeting the iPhone, likely trojans, to emerge during the next year.

"Our conclusion is that malicious programs for the iPhone will likely begin to emerge during the next year, but they probably won’t be worms. Instead, they will probably be typical file viruses and a variety of trojans," he said. "But the biggest threat for iPhone users will be the different vulnerabilities that may be used by malicious users to access information stored on the phone."

Malware-writers have shown so little innovation over the past 36 months, that Gostev commented "probably the only thing that distinguishes the present from three years ago is the fact that email is not being used as the primary vehicle for spreading viruses."

"The threats are not becoming ‘smarter.’ Innovation has stagnated as development is now focused on cosmetic changes, and we still don’t know what may ultimately serve as a catalyst for changing the nature of viruses in the global area, events comparable to the launch of Windows 95, the emergence of the LoveLetter and Melissa worms, the first macro virus and Lovesan and MyDoom epidemics," he says in the report.


Click here to email Online Editor Frank Washkuch.

Click here for the latest SC Magazine Podcast – Aug. 6, 2007: Interview with Jeff Moss, Black Hat founder and director.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.