No longer the domain of frustrated teenagers, malware has become the favoured Internet tool for criminal gangs intent on fraud, theft and spamming. Malware such as Stormworm, which created one of the world’s largest botnets, caused considerable damage during 2007. The threats are likely to increase significantly during 2008.
“2007 was the year of prolific cyber-crime with certain gangs becoming famous within the security industry. Notoriety within a hot market always encourages an influx of new players wanting their slice of success,” warns Mark Sunner, chief security analyst, MessageLabs. “Significant increases will also be seen in the techniques the bad guys will use. Predictability is the Achilles heel of cyber-crime and the bad guys will avoid repeat attacks at all costs.”
Criminal malware has a very different impact on its victims than viruses of old. Instead of delivering a spectacular payload such as deleting files or damaging a machine, malware is now much more subtle. It is designed to pass under the radar to steal information from companies or set up botnets that send out millions of spam messages. Stormworm infected so many machines in 2007 because its writers continually released new variants to keep ahead of the anti-virus industry.
Internet crime is now big business with industry experts estimating that the shadow Internet economy is now worth $105 billion. Malware writers are writing tools to order, which allows anyone to commit crime on the Internet, irrespective of their technical skills. Targeted attacks are a particular growth area, with MessageLabs capturing up to 1,100 a day in 2007. These Trojans are personalised, often hidden in Microsoft Office documents, undetectable by AV tools and are designed to give access to the victim’s computer. Malware experts believe that these attacks are going to be a big feature of Internet crime in 2008.