Virus writers wreak havoc by the hour

CeBIT: Kaspersky Labs recently found itself in a 12-hour battle against the creator of the Bagle worm, as virus writers up their game

Virus writers are updating their creations by the hour in a bid to outwit antivirus companies.

Russian antivirus company Kaspersky Lab claims it thwarted 12 versions of the Bagle worm in 12 hours last month after whoever created it tried to beat the company's security team by consistently altering versions of the worm.

"For every one of our hourly updates, they had an update," said Eugene Kaspersky, head of antivirus research for the company, told a press conference at the CeBIT trade show. "After a dozen or so attempts, or so it seemed, they began to get sleepy."

Kaspersky believes that virus writers are increasingly testing their wares against antivirus protection before sending them out over the Internet.

"The bad guys have started to pay attention to the most popular antivirus," he said. "Before releasing a Trojan, they test it on antivirus products."

Kaspersky also said his company research had found that hackers were targeting small groups of people — often just a few thousand — rather than attacking millions as in the global virus epidemics of the past. He said this was because hackers were trying to avoid police detection.

"The police were quite active last year," he added. "About a hundred crackers were arrested. Hackers don't want to be caught by the police, so we don't get 50 global [virus] outbreaks a year — we have thousands of [smaller] attacks."

For a look at the fun side of CeBIT, check out our CeBIT Digital Living special. Or visit ZDNet UK's CeBIT Toolkit for more enterprise technology stories and pictures from the show floor.