Malware attacks to soar

Johannesburg, 11 Sept 2007

Malware (malicious software) threatening home PCs is expected to increase by 132% over the coming year.

This is one of the key findings of an international CA mid-year Internet Threat Outlook Report, based on data from a global team of malware researchers.

According to the latest report by the IT management software company, 3% of malware threats from January 2007 to June 2007 were Trojans, 18% were worms, 4% were viruses, and 13% were other types of malware.

CA says home PCs' exposure to malware is growing "as the PC becomes the family communications and entertainment hub".

Home PC users are urged to educate children on PC safety concerns. "Even though they [children] may be more adept at using the Internet than their parents, they tend to be far less diligent about practising safe online computing," states the report.

A second key finding is that identity theft attempts are becoming more targeted. The report speaks of "spear-phishing", where phishers are shifting from pure opportunism, to "spearing" specific individuals based on age, socio-economic status, etc.

CA reports that almost 3.25 million individuals discovered their personal information has been used to apply for credit cards in the period since January this year.

The social side

Online gaming is also seen as an increasingly vulnerable target for malware attacks. According to the CA report, "stealing online gaming accounts will become as profitable as stealing bank accounts" in the coming 12-month period.

"Gamers are under siege. The second most common malware seen this year is designed to steal gaming passwords. Characters and virtual money are sold on underground Web sites that rival legitimate commodity markets."

Finally, CA says social networks are "under fire for security weaknesses". The company explains that "not only are they [social networks] subject to the same weaknesses as Web sites - SQL injection, cross-site scripting attacks and forgeries - but the ability to create Web pages allows a criminal to post malicious code".

The report says "on a social network, attacks move faster because everyone is interconnected. Mobile social networks can also be easily attacked - providing information for stalking and other crimes."