In association with heise online

18 September 2009, 12:32

Internet security - many PC infections are long term

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

According to an analysis of 100 million dodgy IP addresses by anti-virus software vendor Trend Micro, infected PCs often stay infected for long periods of time. Half of the PCs behind these addresses had been infected for at least 300 days and four out of five had been infected for at least a month or had multiple infections. The peak infection period was found to be two years. According to Trend Micro, the most common pieces of malware found were Koobface, Ilomo and ZeuS/Zbot.

Anti-virus software appears in many cases to be ineffective in preventing or detecting infection. For example, Zeus uses rootkit techniques to conceal itself from anti-virus software. According to an analysisPDF of 10,000 infected PCs by Trusteer, more than half are running up-to-date anti-virus software.

Trusteer assesses Zeus as currently the most effective trojan to focus on online banking data. It's able to spoof genuine banking websites by injecting HTML code into the user's browser. It sends PINs, TANs and other data entered by the user in real time, in part through the use of an integrated instant messaging client.

According to botnet specialists Damballa, Zeus is in the number one spot in the US with 3.6 million infected PCs, closely followed by Koobface with 2.9 million. According to Trend Micro, a smaller number of bot herders are controlling a larger number of infected computers than previously thought. They estimate that cyber-criminals have more computing power at their disposal than all the world's supercomputers combined.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit