Online video could be next virus target

Specialists warn of next logical step

Iain Thomson, vnunet.com 03 Oct 2007

Security specialists are warning that virus writers will increasingly embed their wares in online videos.

Chris Rouland, chief technology officer at IBM's Internet Security Systems, told the annual summit of the Georgia Tech Information Security Center that the future for online video could be as a vector for viruses.

"Just as we see an evolution in messaging, we also see an evolution in threats," Rouland told Associated Press.

"The next logical step seems to be media players. People are accustomed to not clicking on messages from banks, but they all want to see videos from YouTube."

While there have been few cases of this happening, Rouland said that a large-scale attack is likely.

Jeff Green, senior vice president of product development at McAfee Avert Labs, highlighted the danger of video viruses earlier this year, identifying it as a top 10 threat for 2007.

The Georgia Tech report on the threat landscape for the coming year also pointed out that web 2.0 sites are being targeted by virus writers who are becoming far more cunning at beating antivirus software.

Some code discovered in the wild downloads viruses from a web page, and then alters the virus signature every time malware is downloaded to make it much more difficult to block. Botnets are also a growing problem.

"We will see a continued increase in the amount of fraud carried out by botnets in 2008, pushing the levels of users infected to one in 10 or greater," said Wenke Lee, associate professor at the College of Computing at Georgia Tech.

"The entire IT community - service providers, security vendors, websites and users - must play an active role in protecting against this evolving and expanding threat."