More worms stealing confidential data in 2008

This year has begun with alarming data: in addition to Trojans, the use of worms to steal users’ confidential data is also on the increase. Panda Security can reveal that while Trojans caused 24.41% of infections, worms accounted for 15.01%.

This data contrasts with the 2007 stats, in which attacks caused by worms were responsible for less than 10% of infections.
According to PandaLabs, Panda Security’s malware analysis and detection laboratory, this is due to the increasing activity of Nuwar-type worms, also known as Storm Worms. Computer worms can spread rapidly on their own. However, unlike those that caused epidemics massively covered by the media, they do not seek to collapse data traffic or damage computers. Instead, their objective is to steal confidential data for online fraud or identity-theft crimes.
“Although we suspected this would occur, we didn’t think cyber-crooks would focus on these types of worms so soon,” says Jeremy Matthews, CE for Panda Security South Africa. “It is a very dangerous threat, since even though its effects are more visible than Trojans’ and they can be neutralized more easily, these worms can carry out indiscriminate ‘storm’ attacks to collect large amounts of confidential data very quickly.”
Matthews adds: “For further efficiency, hackers are putting numerous samples of these worms in circulation in very little time, so the probability of being infected is higher.”
To do so, these worms usually arrive in messages that use social engineering techniques referring to current affairs. The messages also include links that redirect either to pages modified to automatically install other malware which steals the data, or to spoofed pages similar to those used for phishing attacks.
Other types of malware that caused damage in January included adware (21.21%), backdoor Trojans (4.03%), spyware (3.13%) and bots (2.65%).
The most active malware in January was the Downloader.MDW Trojan, designed to download other malicious code onto the system. Bagle.HX and Perlovga.A came second and third.
Next came the Puce.E worm, the Spammer.ADX Trojan and the Brontok.H email worm. The last four in the table were the QV variant of the Bagle worm, the Downloader.RWJ Trojan, the VideoAddon adware and the Lineage.GYE worm, whose objective is to steal passwords for the Lineage online game.