Slashdot Mirror

← Back to Stories (view on slashdot.org)

Future Trends of Malware

Posted by CmdrTaco on from the something-to-read dept.

An anonymous reader writes "What are the driving forces behind the rise of malware? Who's behind it, and what tactics do they use? How are vendors responding, and what should organizations, researchers, and end users keep in mind for the upcoming future? All these questions and more are answered in the well written (MHO) Future Trends of Malware"

13 of 179 comments (clear)

  1. 56% increase in trust in AntiVirus by CrazyJim1 · · Score: 5, Insightful

    It seems like parents everywhere trust their AntiVirus to stop everything. When they get spyware, and you tell em you got to remove it, they'll retort,"Oh, just run Mcaffee". The funny part that we all know here is that there are too much malware out there for one Antivirus software to stop and they keep coming. To me, Antivirus software seems a lot like SnakeWater.

    --
    God spoke to me.
  2. Key summary points and conclusion by millwall · · Score: 5, Insightful

    Key summary points
    --------------
    Malware authors update their multi-vendor anti virus signatures faster than most end users and enterprises do altogether

    The high pressure put on malware authors by the experienced vendors is causing them to unite efforts and assets, and realize that it's hard to compete on their own. Yet this doesn't stop them from waging a war in between

    Intellectual property theft worms have to potential to dominate in today's knowledge-driven society acting as tools for espionage

    Don't matter what you always wanted to do to ecriminals, in case of a cryptoviral extortion, you'll be the one having to initiate the contact

    The growing Internet population, E-commerce flow, and the demand for illegal/unethical services, would fuel the development of an Ecosystem, for anything, but legal

    The "Web as a platform" is a powerful medium for malware attackers understanding the new Web

    The unprecedented growth of E-commerce would always remain the main incentive for illegal activities

    7.0 Conclusion
    --------------

    I hope that the points I have raised in this research, would prove valuable to both end users, businesses and anti-virus vendors. The Internet as a growing force shaping our ways of thinking and living is as useful, as easy to exploit as well. The clear growth in E-commerce, today's open-source nature of malware, the growing penetration of the Internet in respect to insecure connected PCs, are among the main driving factors of the scene. Do your homework and stay ahead of the threats, most of all, less branding when making security decisions, but high preferences! Please, feel free to direct your opinions, remarks, or any feedback to me, at dancho.danchev AT hush.com or at ddanchev.blogspot.com where you can directly comment on my publication. Nothing is impossible, the impossible just takes a little while!

  3. Is this a college paper? by kook44 · · Score: 4, Insightful

    Horribly written, lots of (mostly) un-referenced statistics without any analysis. Rambles on without any real point. Anything groundbreaking here?

  4. One word: Legitimization. by Caspian · · Score: 4, Insightful

    Malware meets so many of the deep desires of the marketing world (and the corporate world in general). It can provides market data in bulk, practically "for free" (from the company's perspective). It can provide a further degree of control over a user's computer. It can enforce DRM. It can force ads on people.

    Thus, I can only conclude that the future of malware is for it to go from something created by shady companies like Gator (a.k.a. "Claria") and 419WebSolutions (or whatever) to something created (or at least branded) by "household name" companies like HP, Dell, etc. A first step towards a future in which major corporations embrace malware has already occurred; just look at all the crap Dell shovels onto their much-maligned default software installations.

    --
    With spending like this, exactly what are "conservatives" conserving?
    1. Re:One word: Legitimization. by bhima · · Score: 3, Insightful

      Over the course of the past 2 years my entire extended family has switched to Apple products. I find it interesting that well over half of them have not installed a single package beyond what is on them to begin with. And *ALL* of them objected to the useless and annoying crap on their previous big name WinTel boxes.

      Why is it that Apple can figure out what regular people want and HP & Packard Bell saddle people with crap?

      --
      Nothing in the world is more dangerous than sincere ignorance and conscientious stupidity.
    2. Re:One word: Legitimization. by Caspian · · Score: 5, Insightful

      Oh yes, I almost forgot! Another word: "Sony". Their rootkit is the future. Sure, people bitch now, but in time, the companies will either find a "compromise" solution that infuriates people less (for instance, a rootkit without horrific security flaws), or simply establish rootkits and other malware as the "industry standard", critics (read: angry geeks) be damned.

      --
      With spending like this, exactly what are "conservatives" conserving?
  5. P2P worms? by sczimme · · Score: 4, Insightful


    From the article:

    modular - new features are easily added to further improve its impact, want it to have P2P propagation capability, add it, want it to disseminate over IM, done.

    Okay, malware can be modular - makes sense.

    The lack of P2P worms is, I think, a logical consequence of the RIAA's busts around the U.S, and the global response towards P2P networks copyright infringement.

    How did the author manage to come to that "logical" conclusion? How is the presence (or !presence) of malware related to the "global response... copyright infringement"?

    Given today's P2P concepts, and the disruptive BitTorrent technology, it is not longer required to on purposely slow down transfers to hide the activity on a user's host.

    And where the heck is he going with this??

    Submitter, if this is your idea of "well written", I respectfully suggest you broaden your literary scope.

    --
    I want to drag this out as long as possible. Bring me my protractor.
  6. What if we sandbox major apps like browsers? by Dr.+Manhattan · · Score: 4, Insightful
    We already put servers in their own groups (e.g. an httpd running as "www-data" or something). What if we made similar limitations for user-level apps. Something like this.

    user1 is member of group "users" and "user1group", "user1Firefoxgroup", etc.

    Firefox is user "user1Firefox" and a member of "user1group" and "user1Firefoxgroup".

    Thunderbird is user "user1Thunderbird" and a member of "user1group" and "user1Thunderbirdgroup".

    In /home/user1 is a directory called "protected_applications" owned by user1:user1group with "rwxr-x---" permission. General config information common to all apps goes in here, probably only readable, not writable, by "user1group". Below it are subdirectories like "Firefox" (owned by "user1Firefox:user1Firefoxgroup" with permissions "rwxrwx---". Maybe some sticky bits set.

    This way the apps can only write to and read from their own little subdirectory tree, and not any of the others, but the main user can read and write to any of the subdirectories.

    It wouldn't solve everything, but it would help limit further the damage malware could do. It could access (and corrupt) the data for the particular application it suborned, but without exploiting secondary holes it couldn't do more. This would prevent, say, a hole in Firefox from allowing malware to get at your Gnucash data. It also doesn't require much any new permission-checking code, the kernel already does file-access checks anyway.

    --
    PHEM - party like it's 1997-2003!
  7. Seems kind of pointless... by Nephroth · · Score: 4, Insightful
    They put an an awful lot of effort into saying something that could be summed up in just a few words:

    Malicious software can make money now, that which makes money attracts sellers.

    It's that simple, whereas in the past malware was mostly out of a quest for fame or percieved revenge, the malware of today is business malware, the nasty programs of old all dressed up in suit and tie and making someone filthy rich.

    This problem is exacerbated by the fact that nearly everyone runs Windows XP these days and Microsoft wasn't very attentive to security when they designed it. The sheer number of critical vulnerabilities that the operating system has is mind boggling. Recently, it was stated by some firm or another that Linux had released more patches than any other OS this year. Now, aside from the obvious problem with that statement (the patches weren't patches for Linux itself but for software in common Linux distributions, which is vastly greater in number than that of a Windows installation) if you look at the things patched, they aren't terribly dangerous. They are things like "potentially vulnerable to DNS attack" or "Local user can gain partial root privileges" and such, they are not like "Someone on the other side of a planet can send you a magic packet that makes your computer their bitch permanently," which is what the vast majority of Windows vulnerabilities allow.

    In short, malware has grown because malware is like any pathogen, it lies in wait until conditions are optimal for its growth and when they are it takes over quite rapidly. Remove one of its primary growth factors, and you'll slow it down. Remove more, and you'll potentially kill it.

    --
    Our greatest enemy is neither a single man, nor is it a nation, it is, as it has always been, our own greed.
  8. simple solution by g-to-the-o-to-the-g · · Score: 3, Insightful

    Its really easy to fix: don't use winders

    --

    Hi there

  9. Malware is becoming dangerous by Mr.Fork · · Score: 4, Insightful

    From my point of view, a security specialist, is that only 20-30% of the attacks on businesses and corporations are done electronicly from the outside, the rest (70-80%) are inside, mostly disgrunted employees. With the current trend of money/public focused companies treating employees like crap, all it would take is a vicious malware application to take them down.

    Malware is also becoming intelligently designed, no longer the 'see-this-famous-tennis-star-naked so-I-can-use-built-in-vbs-code to-email-everyone-in-your-addressbook' stupid-is-as-stupid-does tricks. They're pointed, direct, and very very scary.

    Here's to paying and treating your geek employee well!

    --
    Management is doing things right; leadership is doing the right things. - Peter F. Drucker
  10. WTF does this mean? by gkuz · · Score: 3, Insightful
    FTFA: "Do your homework and stay ahead of the threats, most of all, less branding when making security decisions, but high preferences!"

    Could the person who called this article "well-written" be so kind as to tell me what this means? The article is filled with crap like this; I'd give it a C-, at best, as a freshman paper.

  11. Re:Daemon Tools by HappyDrgn · · Score: 3, Insightful

    "did nobody have any right to say that Sony should not include a rootkit in the software"

    You're comparing apples to oranges here. The difference with Daemon Tools is that it gives you an option to not install additional software and when you tell it no thanks that is the end of it. In the case of Sony's rootkit however there was no option to not install this extra software. The problem most people have with this is not that the software was there in the first place, but that the installer used vague wording to conceal what will actually be installed and if you told it not to install the software it did it anyway.

    "Does nobody have the right to say that Microsoft Windows should be better quality?"

    Yes. With your pocket book. You may be able to do the same with Daemon Tools. The author is obviously looking for some kind of compensation for untold hours of hard labor. Why not make a donation for the days, weeks, years of use you got out of it? Alternatively, as someone else suggested, why not ask the author to make a paid version instead of including extra software? Just because it's free does not make it afraid of money.