Strategy

Finjan: Complex-code attacks to spike this year

January 8, 2007

Growing numbers of cybercriminals are using complex code to bypass traditional signature-based filters, according to the latest Security Trends Report from Finjan.

The firm's researchers say hackers are directing users to malicious sites using varying code based on random functions and parameter name changes to infect computers with malware.

"Dynamic code obfuscation techniques are the latest salvo from hackers in the ongoing battle of wits between security vendors and their criminal opponents," said Yuval Ben-Itzhak, Finjan CTO. "With their creation of dynamic obfuscation utilities, which enable virtually anyone to obfuscate code in an automated manner, they have dramatically escalated the threat to web security."

He added: "This threat is dynamic, not static, and the signature variations allow the code to infiltrate the company network and infect the machines. Hackers are moving to the next phase, and this will be one of the biggest trends this year."

Ben-Itzhak said use of this technique will increase with the adoption of Microsoft's new Vista operating system.

"The driving force behind the increase in dynamic code obfuscation will be the new Vista platform," he said. "The switch to Vista will trigger this wave of complex code from malicious users who have had time to plan their techniques."

The report also predicted that attacks using Web 2.0 technologies will rise this year. Researchers believe hackers will use blogs, wikis and RSS to embed malicious code in high-traffic websites as users become more aware of email-based scams.

"Web 2.0 technology will be used by hackers as a platform to install spyware and adware," said Ben-Itzhak. "Hackers have begun to take advantage of new web technologies to create complex and blended attacks, which are likely to soar in 2007."

prestitial ad