
More malware means good news in security fight

While the volume of malware threats has spiked recently, one expert believes that this is a good sign, with cybercriminals having to resort to increasingly desperate measures to get a result.
Written by Marcus Browne, Contributor

A security report released today shows that a new Trojan horse, PDFex, has crashed into the top three e-mail-based malware threats in the last month, after a spam campaign involving a mass-mailed PDF with links to malicious content.

"It's an interesting vulnerability," said Paul Ducklin, head of technology at security firm Sophos, who believes that PDF spam reflects a trend among cybercriminals to use increasingly sophisticated techniques to target users: in this case, relying on social engineering rather than technical vulnerabilities.

"PDF has a little bit more prestige for users ... people trust this file type more than others," he said.

Ducklin suggested that the fact that cybercriminals have been forced into taking steps like these is good evidence that security has improved, despite drastic increases in the overall volume of threats online.

"What we've got here is a bit of a paradox," he said. "The yield rates are a lot lower than what they used to be so cybercriminals have to try a lot harder."

"For one thing this means that they've had to cast their nets wider and pump out a vast amount more than they once had to," said Ducklin.

"Secondly, it means they've had to employ increasingly complicated tactics to expose people, such as this PDF Trojan, which relies first on a user opening the file, then clicking on a link that redirects them to malicious content, where they then have to choose to download the file," he said. "The fact that it sounds complicated can be taken as a sign that we're beginning to do very well."

According to Ducklin, the security built into most current operating systems is now enough to prevent many typical threats.

The report also indicated that Web-based attacks still pose a significant threat, with Mal/Iframe being responsible for almost seven out of 10 infections found on the Web.

The report cited figures showing an average of 5,200 newly compromised Web pages hosting malicious code detected each day.
