F-Secure Q1 IT Threat Summary: Worms, Worms And More Worms
- 09 April, 2009 15:00
<p>The biggest malware story of 2009 so far has been the Conficker (aka Downadup) worm. It is a classic worm that exploits vulnerabilities in Microsoft Windows, of a type not seen in the past few years. However, Conficker has advanced features such as heavy encryption, peer-to-peer functionality that lets infected computers communicate with each other without the need for a server, and the ability to convert and update itself.</p>
<p>Mikko Hypponen, F-Secure’s Chief Research Officer, says: “The authors behind Conficker are professionals. They have infected millions of computers, and could do anything they wanted with them. The mystery is why they haven't done that. Not yet, anyway.”</p>
<p>Conficker changed operation modes on April 1st, gaining front-page media coverage worldwide. However, the gang behind the worm still took action with their botnet. The mystery continues.</p>
<p>Worming away on Facebook</p>
<p>Worms have also started using social networking. The latest variant of the Koobface worm spreading on Facebook steals your logon credentials for Facebook. It logs in, steals your picture and friends’ e-mail addresses, creates a fake YouTube page with your Facebook photo and then sends an e-mail to your friends saying they’ve been tagged in a video on YouTube.</p>
<p>“When you get a message in Facebook from a friend, you tend to trust the message to be real. And when people follow a "funny link" to a video and are prompted to "update" their player, they easily fall for these attacks,” Hypponen explains.</p>
<p>Worms go mobile on smartphones</p>
<p>The first quarter was also historic, as it saw the birth of the first SMS worm, Sexy View, designed for smartphones. Sexy View, like Koobface, is a social engineering worm which uses the contacts stored on your smartphone to spread. It sends a text message to your contacts telling them to check out some hot pictures and offers a link to a website. Your contacts follow the URL because it came from you. They are asked to install an application, which then sends the worm to all their contacts. The worm sends information about the phone to its makers, who then use this information to send SMS spam.</p>
<p>“Sexy View is important in many ways,” Hypponen continues. “It is the first text message worm ever. It's also the first mobile phone worm that circumvents the signature checks that are meant to secure the latest smartphones. And the motive behind it seems to be to collect information for mobile phone spamming purposes. Mobile phone spam is already a big problem in some parts of the world – eventually it will be an issue everywhere.”</p>
<p>For the full F-Secure IT security threat summary for the 1st quarter of 2009, go to www.f-secure.com/2009/</p>
<p>For the latest security news from F-Secure, visit our blog at www.f-secure.com/weblog</p>
<p>You can follow Chief Research Officer Mikko Hypponen on Twitter at www.twitter.com/mikkohypponen and Chief Security Advisor Patrik Runald at www.twitter.com/patrikrunald</p>
<p>About F-Secure Corporation</p>
<p>Innovation, reliability and speed of response - these are the qualities that have made F-Secure one of the world’s leading IT security providers since the company was founded in 1988. Today F-Secure’s award-winning and easy-to-use products are trusted in millions of homes and businesses around the world. We provide powerful real-time protection that works quietly and smoothly in the background, so computer and smartphone users can enjoy the benefits of connected life to the full. F-Secure’s solutions are available as a service subscription through more than 180 Internet service providers and mobile operator partners around the world, making F-Secure the global leader in this market. F-Secure has been listed on the NASDAQ OMX Helsinki Ltd since 1999. The company has consistently been one of the fastest growing publicly listed companies in the industry. The latest news on real-time virus threat scenarios is available at the F-Secure Data Security Lab weblog at http://www.f-secure.com/weblog/.</p>