2005-09-02

New trends in malware

First off, it has been over two months. A busy, busy summer has unfortunately made me put this project on the back burner. I'm hoping to reverse that trend in the coming weeks as I attempt to work an update into my Monday morning routine.

Administrative notes aside, this week saw two important revelations in malware. The first is the one with the broadest implications, and is merely a foreshadowing of darker days ahead. According to C|Net, F-Secure reported that the Commwarrior.B virus took out nearly all of a Scandinavian company's cell phones a week ago Wednesday. This is just months after a WDSGlobal expert claimed that the threat is overblown, citing internal data that such viruses accounted for only 0.0036% of all of that company's support calls. What's important here is the difference between the current threat and the future threat. While infections are relatively rare today, the atmosphere is as ripe as it could be for a major, major problem in the not-too-distant future, and that necessitates that security professionals begin thinking about what to do when that time comes. Features are being added to mobile phones at a blistering pace, making them behave more like portable computers than simple telephony devices. Want proof? Many believe that Apple is set to release iPod-like phones with a major phone manufacturer any day now. As these new features are rapidly added, history shows us that security takes a back seat to features and shortening time-to-production. Hopefully, history will not repeat itself here.

A second uncelebrated but important piece of security-related news in the past week was the linking of an individual suspected of authoring the Zotob worm to a credit card fraud ring. For over a year, security experts have been warning that the identity theft and malware underworlds were colliding. Recently, the public has finally begun to see that in cases like the CardSystems ID theft. This marks the first major malware outbreak, to my knowledge, that has been linked by law enforcement authorities to an identity theft ring. Moreover, the suspect, Farid Essebar, is also believed to have had a hand in 20 other pieces of malware. This could be the groundbreaking case that offers the public a rare glimpse of the collision of two underground groups, and it is worth following.