The overall trends in spam and malware can be characterized by a larger number of more targeted, stealthy and sophisticated attacks. Specific observations include:
- Spam volume increased 100 percent, to more than 120 billion spam messages daily worldwide. That's about 20 spam messages per day for every man, woman and child on the planet.
- Spam has become more dangerous. Earlier versions of spam attacks were primarily selling some type of product. In 2007, more than 83 percent of spam contained a URL to a rogue Web server that was frequently serving malware. In accordance with a trend towards the blending of different malware techniques, URL-based viruses increased 256 percent.
- The "Self Defending Bot Network" was introduced. The Storm Trojan is perhaps one of the most sophisticated botnets ever observed. It uses a peer-to-peer (P2P) control scheme to avoid a single control node that would give it away. When researchers or security vendors probe Storm-related Web servers, the Storm Trojan will launch a DDoS attack and relocate the Web server. The quality of the websites delivered by Storm, and the remarkable technical sophistication of the underlying peer-to-peer network, reflect that these threats are being developed by professional engineers.
- Viruses no longer make headlines, because virus writers have evolved from the previous mass-distribution attacks such as Netsky and Bagle. In 2007, viruses were much more polymorphic and typically associated with the proliferation of very sophisticated botnets such as Feebs and Storm.
- Cisco 2008 Annual Security Report