http://www.informationweek.com/news/showArticle.jhtml?articleID=204701370
Link: Malware Doubled In 2007; Next Year Isn't Looking Better – Online Secuirty – InformationWeek.
"At the start of 2007, computer security firm F-Secure had about 250,000 malware signatures in its database, the result of almost 20 years of antivirus research. Now, near the end of 2007, the company has about 500,000 malware signatures.
"We added as many detections this year as for the previous 20 years combined," said Patrik Runald, security response manager at F-Secure.
F-Secure's report on 2007 threats isn't a pretty picture. Beyond the explosive growth of malware, the year also saw the emergence of the Storm worm, a catch-all term for a series of related backdoor Trojans and e-mail worms that have been distributed to create a massive peer-to-peer botnet. (((Storm is a catch-all bunch of techniquews, but a very tight bunch of guys. They seem to know better than to brag.)))
Shortly, F-secure expects the gang behind the Storm worm to open its botnet for business, renting access to other cyber criminals.
The F-Secure report also notes that Trojans that steal online bank login information and Trojans that steal passwords from online games became more popular in 2007 and will likely continue to do so in 2008. Runald notes that F-Secure is detecting 10 to 40 new variants of banking Trojans every day.
Apple products came under increasing attack in 2007. "We're seeing a lot more activity on Macs," said Runald, noting QuickTime exploits became more prevalent. "QuickTime is now installed in so many PCs, thanks to iTunes, that it has become a target."
F-Secure's report notes that rising Mac market share and Safari's availability for Windows and the iPhone have also encouraged cyber criminals, like those responsible for Zlob spyware, to try to exploit vulnerabilities in Apple software and hardware.
Data base breaches were big in 2007, with ongoing revelations about the scope of the TJX breach, the U.K. government's loss of some 25 million records about its citizens, and a spear phishing attack that netted a list of Saleforce.com customers.
"Personal information available for exploit is everywhere," says F-Secure's report. "With the popularity of social networking sites it's ever more readily available to the bad guys. We'll see more bulk targeted attacks via spam as database leaks are used to enhance social engineering during 2008." (...)
