Wednesday, July 15, 2009

TrendMicro 2009 Annual Threat Roundup Report

TrendMicro has also posted an annual threat roundup report for the year 2008. This is similar to the report posted by Symantec (check my blog posting).

In a nutshell, this report summarizes the major threats that were noticed worldwide during the year 2008. These mostly comprised the following:

Viruses
Worms
Adware/Spyware
Botnets

It is interesting to note that some of the old virus infection tricks have been redeployed by writers with a taste for newer technology. How many of you remember the days when you could infect a PC with a floppy disk? Well, believe it or not, that same infection vector was used last year to release one of the many viruses, but instead of floppies, removable drives (USB flash disks, SD cards, etc.) were used. Windows had a major vulnerability where it automatically launched the autorun file whenever a removable device was connected. This feature was used by virus writers to spread their creations. Another Trojan that caught my attention was Sinowal. This Trojan would rewrite the MBR (master boot record) of a disk and restart your PC. After that, it would load even before the operating system was loaded. Amazing, isn't it?

The number one on the charts was spybots/botnets. These are basically chains of zombie PCs that have been taken over using spyware/adware programs. They "call home" every so often to download commands. The place they call back to is called a Command & Control (C&C) center. The threats from these can range from showing ads to running DDoS attacks.
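The periodic "call home" pattern described above is also what defenders look for in proxy or firewall logs. The following is an added example, not taken from the TrendMicro report or the original post: it flags host/destination pairs whose request intervals are nearly constant. The log format, host names and thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample log, "timestamp source destination" (all values made up).
SAMPLE_LOG = """\
2009-07-15T09:00:02 pc-17 cc.example.invalid
2009-07-15T09:01:10 pc-17 www.example.com
2009-07-15T09:01:45 pc-17 www.example.com
2009-07-15T09:05:01 pc-17 cc.example.invalid
2009-07-15T09:07:30 pc-17 www.example.com
2009-07-15T09:08:02 pc-17 www.example.com
2009-07-15T09:10:03 pc-17 cc.example.invalid
2009-07-15T09:12:40 pc-22 mail.example.org
2009-07-15T09:15:02 pc-17 cc.example.invalid
2009-07-15T09:20:01 pc-17 cc.example.invalid
2009-07-15T09:25:03 pc-17 cc.example.invalid
2009-07-15T09:31:00 pc-17 www.example.com
2009-07-15T09:50:15 pc-17 www.example.com
"""

def find_beacons(log_text, min_events=5, max_jitter=0.1):
    """Return {(source, destination): mean interval in seconds} for pairs whose
    request spacing is nearly constant (coefficient of variation <= max_jitter)."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        stamp, src, dest = parts
        try:
            times[(src, dest)].append(datetime.fromisoformat(stamp))
        except ValueError:
            continue  # skip lines with an unparseable timestamp
    flagged = {}
    for pair, stamps in times.items():
        if len(stamps) < min_events:
            continue  # too few requests to judge regularity
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        # Human browsing is bursty; automated check-ins have low relative spread.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            flagged[pair] = avg
    return flagged

if __name__ == "__main__":
    for (src, dest), interval in find_beacons(SAMPLE_LOG).items():
        print(f"{src} -> {dest}: every ~{interval:.0f}s")
```

Legitimate software such as update checkers also polls on a fixed schedule, so flagged pairs are leads to review against known-good destinations rather than confirmed infections.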

Forecasts for 2009 seem to be similar to what we had in 2008, though the infections are expected to grow more complex and would definitely target other operating systems as well. Mobile technologies such as the iPhone and the like might also get more infections.

If you would like to read the detailed report, you can access it at http://us.trendmicro.com/imperia/md/content/us/pdf/threats/securitylibrary/trend_micro_2009_annual_threat_roundup.pdf
