Hackers get smarter

By Alex Kayle for Kaspersky
Johannesburg, 20 Mar 2009

Malware 2.0 has been replaced by a new conceptual model: that of huge distributed botnet systems, according to research conducted by Kaspersky Lab.

This model, created by Russian hackers, has proven to be both highly effective and reliable, according to Kaspersky in its 'Security Bulletin: Malware evolution 2008' research report.

Kaspersky states in its report that the model is characterised by the absence of a fixed botnet command and control centre, and uses strong cryptographic algorithms to communicate with machines in the botnet. The centre either constantly migrates from one IP address or server to another, or may simply exist for a certain period. There's now a system for creating random addresses for the command and control centre, which makes it possible for cyber criminals to both prevent the centre from being detected and brought down, and to choose where the centre should be located.

“These technologies are closely linked to distributed computing and the creation of systems, which work under significant loads with huge volumes of data. Such technologies are also used in search engines and as the basis for 'cloud computing' technology, the use of which has grown among many anti-virus companies,” the company says.

Kaspersky claims the increased competition between cyber criminals and the drive to infect as many computers as possible will lead to a migration of threats to platforms previously not commonly targeted. This will affect all non-Windows platforms, but the impact will be felt by Mac OS and mobile platforms first, the company predicts.

According to a Kaspersky statement, previously, malicious programs targeting these platforms were proof of concept code. Today, their market share is large enough for them to be of interest to cyber criminals. There are also numerous unresolved security issues relating to these platforms, and users are not generally prepared for attacks by malicious programs.