Computer Crime Research Center


2004: Year of the global malware epidemic - Top ten lessons

Date: November 23, 2004
Source: mi2g Intelligence Unit

2004 is set to become the worst year on record for malware variants and their hybrids as vulnerabilities in Microsoft Windows are exploited within days of being posted on the internet. Witness the latest and ongoing Bofra malware episode, which is a hybrid of the MyDoom family. There is evidence to show that malware writers are learning from each other's code and continuously refining carrier vectors based on live tests within the internet environment. This, in turn, encourages playground behaviour similar to monkey see, monkey do, with dangerous consequences.

The Chinese year of the Monkey has indeed come to pass across the globe as nearly 115 million computers across 200 countries have been infected at one time or another this year by rapidly proliferating malware agents including trojans, viruses and worms. As many as 11 million computers worldwide - mostly within homes and small organisations - are now believed to be permanently infected zombies that are used by criminal syndicates or malevolents to send out spam; mount Distributed Denial of Service (DDoS) attacks; carry out extortion, identity theft and phishing scams; or disseminate new malware.

The threat is rising as anti-virus toolkits, firewalls and intrusion detection systems combined are unable to deal in advance with malware that does not send attachments but relies on inconspicuous hyperlinks to solicit further infections. Unsuspecting users have lost the battle the moment they click a hyperlink that directs their clean machine's browser to an infected machine. Variants that are well researched, understood and mostly a few days old are only subsequently added to virus definitions and signatures. This is usually after the horse has bolted!

In some instances, the appropriate patch from the software vendor has still not become available or is part of an elaborate Service Pack that users have not installed because that significant addition may interfere with their existing applications or is incompatible with their machines' BIOS, calling into question the whole approach of fighting the malware malaise through present methods.

The top five malware families of all time, including hybrids, are: 1. MyDoom; 2. Netsky; 3. SoBig; 4. Klez; and 5. Sasser. The total economic damage worldwide from malware proliferation - with an additional 480 new species in 2004 alone - is now estimated by the mi2g Intelligence Unit to lie between $166bn and $202bn for 2004. With an installed base of around 600 million Windows-based computers worldwide, this works out roughly as an average damage per installed machine of between $277 and $336 ...

Read full story at MI2G
