2004 saw a total of 30 virus outbreaks in the Middle East, a record-high compared to previous years, according to new research revealed recently. The report, produced from TrendLabs, Trend Micro’s network of international virus and malware laboratories, confirms that 28 of these outbreaks were medium-risk alerts, while two – WORM_NETSKY.C and WORM_SASSER.B – were high risk alerts.
Around the world, these outbreaks caused a staggering 37,822,805 computer infections, up 8% on 2003 records, according to figures recorded by Trend Micro’s World Tracking Center (WTC).
The report also noted that – in line with the past three years – the majority of virus outbreaks occurred in the first quarter of the year, suggesting that computer users need to be particularly aware of the challenges in the early months of the New Year.
Looking back over 2004, experts suggest that a new class of software and aggressive behaviour on the part of virus developers have combined to create a higher category of threat in the region.
“In 2004, we saw that virus writers are continuing to develop malicious code that is intended to steal personal or confidential user data,” said Justin Doo, managing director, Trend Micro Middle East. “Today’s malware, which includes Trojans, backdoors, as well as viruses and worms, is purpose-built to hijack users’ machines and is more deceptive than ever. Malicious code can be hidden in an email, in fake software and can even be found on web pages.”
Six of 2004’s ten most prevalent malware programs were mass-mailing viruses that typically used “social engineering” (such as encouraging people to open messages by disguising it as coverage of celebrities or world events) to create an impact.
Four of the ten propagated themselves via peer-to-peer networks, exploiting the popularity of file-sharing software.
One new factor stimulating this process in 2004 was the increased availability of malware source codes on the internet, as this enables hackers to create new variants by modifying the code, which are then released into the wild.
This general shift in the pattern of virus and malicious software or “malware” development represents a step forward from an earlier era – when programmers typically produced viruses for notoriety and online recognition – to one where financial considerations are driving the creation of malicious code.
Whereas virus infections typically aimed to cause as much damage as possible in as short a space of time as possible, in order to maximise the impact and profile of the infection, worms and Trojans typically try to “fly under the radar” – infect a smaller number of machines in order to remain undetected as long as possible, and thereby maximize the information extracted.
Looking forward to 2005, the report identifies a number of future threats which users need to be aware of. In particular, it suggests that blended threats, which compromise and drain network resources, will continue to impact Internet users. Most malware programs will continue to employ anti- antivirus and anti-security routines to ensure infection, requiring the use of system cleaning services to ease the impact on system security.
“Nowadays it’s not enough to examine desktop machines and repair the damage onsite with anti-virus solutions. The threat is much more complex than that. Proactive protection policies that ensure the identification of rogue/infected devices beyond the network wall and remotely repair infected devices during an outbreak have become essential,” added Doo.
