Security company Kaspersky Labs says 2002 saw a "drastic" increase in the number of commercial viruses designed specifically to steal confidential data and passwords as part of corporate espionage.
In its annual review of security and virus activity for 2002, the company also highlights the Klez worm, which dominated virus lists, and the first real worms affecting open source platforms like Linux and FreeBSD.
The report says Klez, first discovered in October 2001, accounted for more than 60% of virus reports received by the company. As many as 10 variations of the Klez worm were reported over the course of 2002, including Klez.H discovered in April last year and Klez.E found in January.
Number two for 2002 was the Lentin worm which accounted for the majority of the remaining infections for the year. The company says while Lentin may have lagged Klez in 2002, it is likely to hit the number one spot early in 2003.
"Despite lagging behind Klez ... for the entire year in terms of registered infections for 2002, Lentin stands a real chance in 2003 to battle its way to the highest position. Data for the final three months of 2002 show Lentin already moving past Klez in number of registered incidents."
Perhaps the most worrying trend the report highlights is that the top four positions in the year's list are taken by worms that exploit the Internet Explorer IFrame vulnerability. The vulnerability was first discovered and patched in March 2001 by Microsoft and yet continues to be one of the most popular exploits. Indications are that users continue to run computers without the patch, spreading worms unnecessarily.
The report also highlights a trend away from network worms (those that typically spread through e-mail) towards an increase in trojans and viruses. "Data indicate that users have begun to pay more attention to protecting e-mail, the main source of network worms. However, the ... relative growth of other types of malicious programs affirms that users don't view them as a threat and therefore don't protect themselves from them."
E-mail still dominates as a method for spreading malware and in 2002 accounted for more than 96% of incidents. Only 2.3% of infections were transmitted through the Internet via FTP, P2P, Web sites or IRC channels, while only 1.3% spread through disks and CD-ROMs.
"We must not forget to mention the drastic growth of the so-called commercial viruses which demonstrate a clear commercial purpose, namely the theft of confidential data, financial information and passwords."
The report says 54% of the trojans reported in 2002 were unauthorised administration utilities and backdoor access programs. Password-stealing trojans accounted for close to 18% of reported trojans and 28% performed specific tasks on target machines.
Access the full report here.
Share
