Bots and adware top threats for 2005

Happy new year

Bots and mass-mailers are expected to remain the predominant methods by which virus writers attack enterprises in 2005, according to security experts.

McAfee's Avert antivirus group also predicted that exploits and adware will account for over 60 per cent of security problems for home users.

The company warned that adware and unwanted content transmitted via email and the web will continue to increase in 2005, with programs becoming increasingly complex. The threats will be combined with content such as spam and phishing as the year progresses.

"It is anticipated that successful phishing schemes will continue to increase throughout 2005 due to a general lack of consumer awareness," Avert warned in a statement.

"Additionally, the number of exploits that attack [known] vulnerabilities will increase as more are discovered and disclosed."

Computer virus attacks reaching a 'medium' risk assessment or higher have dramatically increased in 2004 compared to 2003, the company noted.

Avert has assessed 46 threats as a 'medium' risk or higher compared to 2003's total of 20 threats reaching that same risk level. Most of this was due to the Netsky/Bagle war that consumed most of the first quarter of last year.

Some 50 new computer viruses (of varying risk assessments) were discovered every day during the first half of 2004. And by the end of 2004, detection for 17,000 new malware threats were added to Avert's database.

The top 10 threats in 2004 fall into one of the following key areas: spyware/adware, email-borne viruses, and malware delivered by spam. The top threats for 2004 in alphabetical order are:

• Adware-180
• Adware-Gator
• Exploit-ByteVerify
• Exploit-MhtRedir
• JS/Noclose
• W32/Bagle
• W32/Mydoom
• W32/Netsky
• W32/Sasser
• W32/Sdbot (family including Sdbot, Gaobot, Polybot, Spybot)

Avert went on to report that threats using vulnerable systems in 2004 totalled more than 380, exceeding 2003 totals by approximately 50 per cent. The group believes that this number will grow due to hackers' continuing interest in exploiting unpatched home systems.

"In 2004, the rise in viruses, worms, phishing, adware and vulnerability exploitation has surpassed what was noted in 2003," said Vincent Gullotto, vice president of Avert.

"Although we saw a steady five per cent year-over-year decrease in the rate of virus production from 2000 to 2003, we have seen an increase in 2004 which can be partly attributed to the Bagle and Netsky authors feuding, as well as a general lack of awareness in regards to adware and other such programs."

McAfee researchers estimate that there are more than 7,000 bots in existence today, growing at a rate of about 150 to 200 per week.

Some bots are less pervasive than others, but the security firm warned of a recent trend towards bots that download adware onto a user's system. These programs also have the ability to propagate quickly on the compromised PC.

"Like any evolving security threat, the writers of these intrusive programs continue to develop new variants that propagate on systems that do not have proactive protection against buffer overflows. Proactive generic protection is becoming imperative," Avert warned.

The company also noted that spyware and adware threats are becoming an increasing concern, with an average of at least 13 adware components found on every machine.

"Today's adware is more often categorised as surveillance-driven spyware, programs that are dropped onto a user's system and installed without their knowledge," said Avert.

"In addition, spam that is encoded with exploit capabilities to install spyware has become an increasing issue among consumers."