Sophos: Brace up for more Trojans

The security vendor estimates that Trojan horses account for nearly two-thirds of all new malware this year, and warns there'll be more to come.
Written by Staff , Contributor

Although Windows-targeted worms are still the most menacing threats, Trojan horses account for nearly two-thirds of all new malware this year, according to a new report released by Sophos.

The security vendor's latest Security Threat Management Report 2005 also estimated that the number of new threats rose by 48 percent, from 10,724 in 2004 to 15, 907 in 2005. The biggest month-on-month increase in malware threats--at 1,940--was recorded last month.

"The enormous rise in the number of new threats shows that 2005 has been anything but quiet on the malware front," said Graham Cluley, senior technology consultant at Sophos, in a media statement.

Windows-based worms dominated all the top 10 positions in Sophos' list of most malicious viruses in 2005. Zafi-D took top rank with 16.7 percent rate of infection, followed by last year's leader Netsky-P with 15.7 percent, and Sober-Z at 6 percent.

But while Trojan horses did not make the top 10 list this year, Cluley noted that the number of new Trojan-based exploits was far more than the number of new Windows-targeted worms.

Trojans constituted 62 percent of all new malware threats monitored by Sophos, while worms made up 35 percent.

The report also revealed that an average of one in 44 e-mail messages was virus-infected, and up to one in 12 e-mail contained a virus during major outbreaks such as last month's Sober worm attack.

Cluley explained that malware authors are increasingly turning to targeted attacks via infected computers. "By focusing their efforts on a smaller number of victims, cybercriminals can target them with bespoke malware, increasing their chances of slipping under the security net," he said.

The report also suggested that in addition to attempts to be more discreet, malware authors are turning to targeted attacks for a practical reason--they can better manage the amount of stolen data. Cluley reiterated that the increase in malware is reflective of the profit-making intent by criminal gangs.

The report also noted a growth in the number of worms and Trojan horses that steal credentials from players of massive multiplayer online role-playing games, to make a profit out of selling "stolen" virtual goods. However, it indicated that such cases are still uncommon, and most criminal activity remains in the areas of spyware, phishing and Internet fraud.

According to Sophos, more Trojan horses will spring up in 2006. The report predicted that there will be an increase in the use of Trojan horses in targeted attacks against specific victims next year.

Editorial standards