
The war against computer malware is far from over, as Trojan writers find new ways to elude the security countermeasures deployed by corporations and end users alike. The latest trend in Trojan distribution is Web-hosted malware, and this has put the cyber criminals one step ahead of the security vendors.
Secure Computing principal research scientist Dimitri Alperovitch says, “We have seen a steady increase over the last year or so from malware being distributed typically through email now shifting to the Web factor.”
A recent Google study confirms this, showing that as many as 10% of all Web sites host some type of malicious code.
The reason for this move is straightforward: most businesses and enterprises have focused mainly on messaging security, protecting email systems by scanning for malware and stopping executable code from entering enterprise networks through email. Web security has centered more on preventing users from accessing certain types of content.
Roger Thompson, a seasoned security researcher who is the CTO at Exploit Prevention Labs (www.explabs.com), agrees. Throughout his 20-year career in the security industry, Thompson has also witnessed backdoors and Trojans morph into an organized network of crime, costing global organizations billions of dollars annually. According to Computer Economics’ “2007 Malware Report,” the total cost of damages due to malicious code reached $14.2 billion in 2005.
Ryan Hicks, who heads up EarthLink’s (www.earthlink.net) spyware research team, concurs. “If you look over the years, what used to be the primary threat was replicable code—Trojans were a concern, but not a big one. Now if you look at it, the technology behind Trojans is at the top of everyone’s list.”
“Traditionally, the Web security has taken a backseat to other security considerations,” says Alperovitch. Recognizing this, criminals have evolved their techniques and discovered that they can obtain a much higher return on investment by distributing Trojan horses and backdoors via Web sites.
According to Thompson, “So much is built on the browser. When you open a browser, you’re creating an instant tunnel right through the firewall. Firewalls are really good at keeping out network worms, and email filters are good at keeping out email worms, but when you open a browser, you’re authorizing pretty much whatever wants to go on to come straight through the firewall.”