Malware becoming more sophisticated, warns IBM

"Exploits as a service" industry continues to thrive

IBM has reported an increase in malware volume and sophistication as part of its security statistics report for the first half of the year.

So far this year, its X-Force research and development team has identified and analyzed more than 210,000 new malware samples, which is more than the total number of malware samples observed over the entirety of last year.

According to IBM, the "exploits as a service" industry continues to thrive, with the new practice of "exploit leasing" added to the repertoire of criminals. By leasing an exploit, attackers can now test exploitation techniques with a smaller initial investment, making this underground market an even more attractive option for malicious perpetrators.

According to the report, Trojans (seemingly legitimate files that are actually malware) are the most common form of malware this year, accounting for 28 percent of all malware. Last year, by contrast, Downloaders was the most common category -- a low-profile piece of malware that installs itself so that it can later download and install a more sophisticated malware agent.

"The X-Force security statistics report for 2006 predicted a continued rise in the sophistication of targeted, profit-motivated cyber attacks," said Kris Lamb, director of X-Force. "This directly correlates to the rise in popularity of Trojans that we are witnessing this year, as Trojans are often used by attackers to launch sustained, targeted attacks."

But running counter to historical trends, X-Force reports a slight decrease in the overall number of vulnerabilities uncovered in the first half of 2007 versus the first half of 2006. A total of 3,273 vulnerabilities were identified in the first half of this year, down 3.3 percent year-on-year. However, the percentage of high impact vulnerabilities has gone up since 2006 from 16 percent to 21 percent for the first half of 2007.

A similarly unexpected trend in the report is the decrease in spam message size. IBM said the fall corresponded with a decrease in image-based spam.

"The decrease in spam message size and image-based spam is a result of spammers adopting and experimenting with newer techniques, such as PDF- and Excel-based spam, as a means to more successfully evade detection by anti-spam technologies," said Lamb.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Computerworld UK staff

Computerworld UK
Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Compare & Save

Deals powered by WhistleOut
WhistleOut

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?