Multi-Constituent Malware Evokes Risk for Businesses

According to watchdogs of the security industry, malware programs are steadily growing in complexity and are designed to include multiple constituents that exploit various weaknesses in organizations. This implies that the next security hazard that an enterprise could confront include Trojan, a keylogger and a 'bot,' all blended into one.

Thus, Arun Chandrasekaran, Industry Manager for ICT practice at Frost & Sullivan, a consulting company, said that the first constituent would trigger off all the other constituents in a chain to stealthily achieve the desired result, as reported by ZDNet on July 1, 2008.

According to several security analysts, multi-component malware have been in the wild for many years, but modern blended malware have a lot more functionality through several constituents that make the best of the opportunities so that an attack could be successfully accomplished.

According to Paul Ducklin, Head of Technology for Sophos, Asia-Pacific, web has helped in the growth of multi-constituent malware. He explained how most malware today involves a chain of stages for an attack that rely on several parts, as reported by ZDNet on July 1, 2008.

Ducklin added that with the availability of Internet, the malware no longer has to carry all the pieces it requires in a file, as the supplementary parts or pieces could be effortlessly downloaded whenever required.

According to Ducklin, security vendors confront challenges as well as opportunities in tackling multi-constituent threats. Ducklin noted that the most apparent challenge is seeing one piece of the multi-constituent malware, while not understanding where the piece has fitted itself into the whole attack.

To illustrate his point, Ducklin cites an example of facing an exploit that downloads a malware piece from a URL that hasn't still been activated. This means, Ducklin said that although it is possible to prevent any further downloads, it can't be determined outright what danger the link might cause to a computer that is unprotected.

Moreover, according to Ducklin, businesses could be risked of getting their official Websites exploited to stage malware attacks. To support his comment, he recalled how 80% of all malicious Web pages belonged to legitimate sites that have been compromised.

Related article: Multi-language Spam - A New Trend Among Spammers

» SPAMfighter News - 18-07-2008

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial