Rootkits Low; Bot & Trojan Infection High
However, data from Microsoft's security tools shows that infections from stealth rootkits are decreasing. The probable reason is the inclusion of anti-rootkit capabilities in security applications.
On October 23, 2006, Microsoft said that the biggest danger to Windows security is zombies. The latest data on malware infections covers the 1st half of 2006 and was released in Nice, France, during the RSA Europe conference. In the covered period, Microsoft discovered over 43000 new varieties of backdoor Trojans and bots that control innumerable hijacked Windows systems in "for-profit" bot networks.
Attackers with financial gain in mind are focusing on this particular class of malware. Backdoor Trojans pose a tangible and significant threat to Windows users. A zombie, i.e., a Trojan-compromised computer, can be employed in a botnet to relay spam and launch cyber-attacks. Hackers also often steal the victim's personal data and install adware and spyware on PCs to earn kickbacks from adware or spyware makers.
With around 27154 discovered variants, keyloggers were the second most important threat. Downloaders followed with 13039 variants. The Trojan had 4497 variants and the mass mailer had 3426 variants.
The company's "Malicious Software Removal Tool", or MSRT, cleaned around 4 million machines, of which around 50% (2 million) contained at least one backdoor Trojan. While these figures are high, Microsoft noted that this is less than in the 2nd half of 2005. During the 2nd half of 2005, about 68% of the cleaned machines had one backdoor Trojan.
Microsoft was surprised to find that attacks which use stealthy techniques to remain undetected on compromised computers reduced by 50% in 2005. This was despite the increased industry interest in Windows rootkits.
Microsoft is of the view that anti-rootkit tools have largely helped to reduce the number of rootkit attacks, in favor of more sophisticated stealth-related techniques.
» SPAMfighter News - 28-10-2006