Viruses no longer top security threat

Viruses no longer top security threat


Trojans and spyware taking over

Early reports of malware distribution in April show that viruses are swiftly declining as a threat in comparison with other malicious software.

Separate research from Fortinet and Sophos shows that the top viruses were mainly old timers, and that Trojans and spyware are coming to the fore in their place.

Fortinet in particular reported that Adware/BetterInternet was its top threat last month, accounting for nearly one in eight attacks.

"While email worms occupy the top spots, it's clear that Trojans represent by far the most prominent threat to IT security," said Carole Theriault, senior security consultant at Sophos.

"Trojans are constantly being fine-tuned by hackers to catch out specific targets. As they are likely to be more difficult to identify, there's a danger that more individuals will make the mistake of clicking on an unsolicited attachment or a dubious weblink."

Netsky is still the most common virus seen online, accounting for about one in five of all viruses despite a fix and removal tools being widely available for more than two years.

"It's astonishing that Netsky-P is still going strong 25 months on. Users with insufficient malware protection must take the brunt of the blame for giving it this continued lease of life," said Theriault.

But despite the warnings, it seems that worms that use instant messaging have yet to take off.

"The expected reign of IM worms has not arrived because virus authors are confronted with a fundamental barrier when engineering an IM worm," stated Fortinet's report.

"While email addresses are easy to collect on the web, instant messaging IDs are generally less public, making the seeding process significantly harder to set up.

"Furthermore, an IM worm's social engineering effectiveness strongly relies on the fact that people are more likely to accept a transfer originating from one of their contacts than from a stranger, so the initial infected messages must come from existing, real users."

However, Fortinet warned that it has seen the first phishing website trying to steal IM details, in this case for MSN Messenger. The site promises a free utility for registered uses but exists solely to collect IDs and passwords.