Malware authors have stepped up production rates still further in their efforts to overwhelm anti-virus defences with banking Trojans and other crud. During the first three months of 2011 an average of 73,000 new strains of malware have been created every day: 10,000 more than during the same period last year, according to stats …
A time in the late 90s when the *total* number of known viruses jumped overnight from 22,000 or so to 42,000, because some plonker cranked the handle on one of the virus generation kits 20,000 times, blew the result onto a CD, and sent it to one of the main AV firms.
That's 22,000 *total*, not +22,000 per day, mind you. (Well, except that day, duh.)
Over the last few weeks I have seen a huge increase in trojans / rootkits. Most have managed to turn off paid for and commercial AV solutions.
They seem to be related to banner sites as in all cases the type of sites that these people go to are not your warezy sleazy types, but are just plain run of the mill sites.
I'm getting about 3 systems a day that are infected and remoting into at least 2 a day.
It's never been this bad before.
If you are seeing this much evil you are obviously doing something VERY wrong.
Security is needed at ALL layers.
True, but....we don't know whom AC #1 has to deal with:
Situation #1 is he/she is plodding along with a lame security set up and fending off irate users taken by surprise when their Windows box is hosed yet again.
Situation #2 is they are doing all that is humanly possible, but are faced with a combination of witless pointy-haired bosses and complete lusers who manage to pull defeat from the jaws of victory every time by running as admin and acting like an utter moron (or allowing their kids free rein as admin as well).
Who knows? Should we ask tux?
banking Trojans and anti-virus defences
> Hackers and their virus-writing allies are increasingly targeting vulnerabilities in Java in their persistent attempts to break into computer systems, the net security giant warns. Attack toolkits, such as The Phoenix, automate Java-based attacks that work against multiple browser platforms.
Like, can I see a fully working demo of these multi platform automated Java-based attacks?
> The latest edition of Symantec's internet threat report can be downloaded here ..
Is it safe to download this PDF ..
@banking Trojans and anti-virus defences
"Is it safe to download this PDF"
You've got to ask yourself one question: 'If I use Adobe software, do I feel lucky?' Well, do ya punk?
Me, what I do
is respond...When I get the ubiquitous "we need to verify your bank details" I go and fill it in with junk but "real" data....
Of course, I'm clued up and my PC is well hardened against such basic attacks but if I can make them waste their time processing my false details then so much the better. If more people did the same then they (malware writers) would spend so much time trying all the false info it would make it not worthwhile for them to actually key the data in in the hope of finding some victim's genuine numbers.
So, for the 30 seconds it takes to do so, I suggest you give it a go.
81 Trumpton road
United States of England.
Add remaining fictitious account details as needed....
May I suggest
End of antivirus
No way can any security business intelligently analyse this number of new threats per day. I expect the leading firms have automated difference detectors using numerous virtual machines to check samples out. As to the quality of signatures generated by such means when this malware morphs at that kind of frequency, well that's anyone's guess.
There has to be a better way of protecting systems than being able to detect everything that might be bad. How about having a group of people sign a large and useful enough collection of software known to be good ? Put this signed code into a repository, making it so your operating system can easily install from tens of thousands of such signed applications which meet all likely needs and making it so only relatively expert users find it easy to install anything else ? Now where did I hear about this approach before ?
China, Thailand and Taiwan leading the world in malware
And those are the countries that widely implement Carrier NAT, and whose residents generally struggle to afford a computer at all.
Carrier NAT means instead of one residence having an IPv4 address, the address is instead shared by over 100 customers. One of them transmits a virus or spam email, how do you know which one it was? You going to log each and every IP datagram?
If the world just pushes forward with Carrier NAT, I can see us looking back to this day, and thinking 50,000 viruses a day being small!
That, and I think Microsoft's attempts in dumbing down the OS rather than improving the security model are a big factor too. I wonder what OS we'd have from them today, if instead of buying QDOS all those years ago, they instead picked up their in-house developed Xenix OS and used that as the basis for the OS for the IBM PC.
An anti-virus scan in the year 2019
[Please wait while we scan your computer]
[.............. 23,125 minutes remaining]
"A batch of 10,000 bot-infected computers can be yours for as little as $15 via underground forums, Symantec adds."
... cloud computing.