Finjan has confirmed fellow IT security vendor F-Secure's
analysis that botnets are getting smaller, as criminals seek to ensure
their botnet swarms evade detection.
"F-Secure's assertion is in line with our own trends
analysis," said Yuval Ben-Itzhak, the CTO of Finjan.
"Our latest that there are numerous new attack vectors that
raise the number of Trojan infections that create botnets. In fact,
viruses have barely changed over the last year; they are usually a slight
variation of a previous version, which is then disguised using code
obfuscation techniques. The focus has now moved on to the crimeware
toolkits that generate the infections more easily and with greater
force. The resultant botnet swarm potential from such infections is
significant," he added.
Ben-Itzhak's comments come in the wake of a report from
F-Secure that criminal gangs are splitting their botnets into smaller
groups in a bid to create a multi-swarm attack that can still escape
detection.
These botnets are then rented out, says the IT security vendor, for
as little as $100 for a few hours.
"By escaping detection in this way, criminals can effectively
fly their rented botnets in under the security radar, and ensure the
swarm hits the relevant Web sites with devastating results. This is a
potentially serious evolution in the world of botnets. The change in the
web security status has proven to be a difficult task to tackle for
traditional security companies. The best way to detect modern malicious
code is to be able to understand in real-time what the code intends to
do, before it does," said Ben-Itzhak.
www.finjan.com
COPYRIGHT 2007 A.P. Publications
Ltd.