Malware Subsides, But Phishing and Trojan Activities Still On a High

According to Sophos, a leading computer security company, the number of malware mails has gone down by more than half. They claim that the malware writers are now turning on Trojan horse programs and keyloggers to track down user logins and passwords and other personal data.

Meanwhile the U.S. Department of Justice and the U.S. Air Force Office of Special Investigations have reported that the phishing activities are increasing despite the crack down and prosecution of phishers and bot herders over the past couple of years.

Jonathan Rusch, special counsel for fraud prevention at the Justice Department, said that there is an increase in the number of sophisticated groups online and they are increasingly using Trojan horses that pack backdoors, screen grabbers or keystroke loggers to capture login names, passwords and other information.

Even though law enforcers have caught some high profile bot herders, who help phishers spread malicious software like trojans through their botnets, the cyber criminals are getting tougher to track down as they are now more organized and use sophisticated tactics. Graham Cluley, a senior technology consultant at Sophos, says that the "bad guys" have changed their tactics and strategies in order to stay undetected.

"Botnets are one of the greatest facilitators of cyber crime these days. Really the cyber crime arena is wrapped around botnets," said Wendi Whitmore, a special agent with the Air Force Office of Special Investigations.

Whitmore said that the military has been a victim of botnet attacks over the last couple of years. The attackers knew many details including, the organizations taking part in an operation, the generals involved and the issues that were discussed. It's "incredibly disturbing, because those are the kinds of things that should be kept somewhat secret," she said.

She added that the present Internet environment equipped with ubiquitous broadband connections is ideal for the cyber-crooks to exploit the security flaws in software.

Both Rusch and Whitmore insisted on the point that the technology industry and consumers have crucial roles to play in the fight against phishing and botnet problems.

Related article: Malware Authors Turn More Insidious

» SPAMfighter News - 6/16/2006