Short-lived Malware Attacks Changing the Web Threats Landscape

According to a recent warning from AVG Technologies, a security software agency, attackers are increasingly crafting Web-borne malware assaults. They include new features like fast moving and short-lived and secretive.

AVG states that modern Internet threats often appear for a short time on a legitimate website and then shift to other websites prior to being detected and blocked. Some other cases of these threats include criminals who create several hundred apparently legitimate websites containing infections, while float them for just 24 hours or a little more, and then withdraw them forever.

But AVG said that the use of short-lived websites makes it harder for security professionals to identify and prevent the activities of malware authors. These short-duration websites are most commonly employed in distributing bogus anti-spyware, also called 'scareware'. Computer users are falsely warned of an infection on their system and told to download a 'cleaner' that in reality is the harmful malware.

Besides, malware installation has altered since the traditional methods of malware delivery through e-mail attachments, Word documents and floppy disks arrived. Previously, these techniques took lots of patience, time and had very low success rate.

In those days, malicious software would remain inactive for several days extending to even weeks, waiting for certain action to take place like execution of a particular file or rebooting of the system. While a number of the similar kinds of malicious software like Trojans, worms, rootkits etc. are being employed in the present time, more refined online deliveries have lessen the possibility of the malware getting detected via heuristic checks and antivirus signatures.

Moreover, AVG stated that malware are now capable of infecting via 'drive-by downloads' that are installed to seize data even if the user does not interact in any way.

Citing one instance of a temporary malware as 'malverts' or malicious advertisements, security experts stated these are simply designed and submitted to an advertising network that subsequently distributes the malvert to a large number of websites. So when users click on these ads, their computers could get infected with spyware that steals data.

Related article: Shared Infrastructure Greatly Aids In Data Breaches

» SPAMfighter News - 4/7/2009