The 12-minute Windows heist

There is a 50 percent chance your unprotected Windows PC will be compromised within 12 minutes of going online, says security vendor Sophos.

Highlighting the increasing speed of online attacks in research covering the last six months of virus activity, the vendor said the news was mostly grim.

Authors of malware such as spam, viruses, phishing scams and spyware increased both the volume and sophistication of their assaults, releasing almost 8,000 new viruses in the first half of 2005 and increasingly teaming up in joint ventures to make money. The new-virus figure is up 59 percent on the same period last year.

"With financial gain rather than notoriety becoming more of a motivation, spammers and virus writers have been drawn together with more traditional criminal elements," said Sophos Australia and New Zealand senior technical consultant Sean Richmond.

While the usual virus culprits like Zafi-D, Netsky-P and Sober-N came under the spotlight, Sophos said growth in Trojan attacks -- where malicious software allows a remote attacker to gain backdoor access to a PC -- was perhaps the most significant development in the malware-creation field.

"Sophos has seen a three-fold increase in the number of key-logging Trojans so far this year," the company said. "Trojans are delivered to target organisations via e-mail attachments or links to Web sites. They are often used by remote hackers to steal privileged information, and very often to launch further attacks."

But Sophos made it clear the news wasn't all bad.

"Businesses in Australia and New Zealand mostly have it right when it comes to protecting their desktops, servers and gateways," said Richmond. "On the other hand, we've seen significant numbers of unprotected home computers become zombies for spammers."

Richmond praised the Australian telecomms regulator for its recent move to press charges against Perth-based alleged spammer Wayne Mansfield. Mansfield is one of Australia's most notorious Internet marketeers and stands accused of sending at least 56 million -- mostly unsolicited -- e-mails in the period after the Spam Act was enacted in April 2004.

Events further afield also caught Sophos' attention, as it highlighted several recent prosecutions of virus and privacy-related Internet crime.

One dealt with the impending trial of German teenager Sven Jaschan, who has admitted writing the Netsky and Sasser worms, while another involved the arrest of a Cypriot man who was spying on a 17-year-old girl via her own Webcam.

"Four United Kingdom phishers were also jailed this week," said the company.

Talkback 15 comments

    Anonymous -- 01/07/05

    Boycott Dell, HP, Gateway.

    Someday people are going to realize
    that it's the computer OEMs to blame
    for installing a crappy operating system.

    Companies like Dell, HP, and Gateway
    do NOT offer CONSUMERS a non-Microsoft choice.

    Sure, they COULD provide an operating system
    that doesn't have the malware problems that Windows has, BUT THEY DON'T.

    Companies like Dell, HP, and Gateway
    CONTINUE to maintain Microsoft's desktop monopoly.

    I suggest boycotting these companies
    until they do offer consumers a choice.

    Anonymous -- 01/07/05

    Anonymous comments carry NO weight!

    Forget about the OS, most infections are caused simply by ill-informed or lazy users not having adequate virus and spyware protection and not keeping their scanners up to date.
    So many people using Norton AntiVirus is a godsend to virus creators as it's just so damn bad at detecting infections.
    AVG, Avast, Adaware and Spybot are now absolutely necessary utilities and any PC without them will sooner or later fall foul of these ****s who somehow believe it's okay to infect PCs all over the world with their crap!

    As far as I'm concerned, the more people that fall foul of phishing scams the better. Hopefully they'll get the picture that they just aren't smart enough to use the net effectively and cancel their internet services.

    This also covers ALL users of AOL.
    A bunch of less intelligent computer users you'll never find (outside of government). It's these idiots and their unprotected PCs which contribute to the worldwide spam, adware and virus distribution headaches as their insecure PCs send out thousands of these rogue programs to everyone else.

    Anonymous -- 01/07/05

    and it takes YAST more than an hour to download all the patches for a Novell desktop SUSE 9.2 install, so what is the point here....everybody is vulnerable for much longer than they think. That is why Microsoft changed service pack 1 for windows 2003. The only place it can communicate with is windowsupdate, therefore be fully patched and virus scanners loaded before network access is enabled. This is how trustworthy computing is moving the world forward

    Anonymous -- 01/07/05

    I'm a tech and I know for a fact that the majority of home users I service only have problems with malware when they don't keep their AV up to date, don't regularly scan for malware, and click on everything that pops up in front of them. If they don't do the above, they have very few problems.

    I agree with Mike about Norton's; I have found more Norton's machines with undiscovered viruses than any other AV package I've come across.

    The OS argument is just plain wrong. Windows is just as secure as Mac or Linux when properly used. It's a credit to the Windows OS that it is able to be made secure in an environment where due to its monopoly it is virtually the sole target of malware writers.

    Malware is written for Windows not because it is weaker, but because it is the most common platform and therefore provides the highest return for the hacker's effort. Why develop an attack to turn Mac machines into slaves, when there are thousands more Windows machines to enslave?

    I agree in the nth degree of security linux is better, but the malware attacks that are causing problems are easily protected against from any os. Sure linux is more secure against a dedicated targeted attack such as hacking into a rival company's server, but this is far from a concern for a home user desktop machine.

    Anonymous -- 02/07/05

    About YAST. The point is, of course, that in that hour on-line, the unpatched SuSE is NOT going to be compromised. Whereas with your Windows box, you can be pretty sure it will be hacked. Get it now?
    'Bout this weird 2003 story of yours. What are you saying? You can't get it on-line without SP1? That is too funny!!!
    So mister consultant, you can go "forward" with windows for all i care.

    Anonymous -- 02/07/05

    No Mr CEO of course you can get it online without patching or virus protection if you choose to open yourself to potential risks. I am saying there are security measures in place to ensure you can install the relevant software and fully update your system, and then tick the box to release the server to communicate to all relevant requests.

    YAST updated...I am sorry you are vulnerable to every update you are patching for if there is exploit code available. To think otherwise is just plain stupidity. This goes for every device on the network including routers and switches.

    No wonder you are the CEO, promoted to the position of incompetence...

    Anonymous -- 02/07/05

    Despite what you people say, the OS does play an important role in a computer's susceptibility to virus threats and malware.

    I use and administer all types of OSs, from Windows to Macs to Linux machines to a variety of Unix boxes, and the arguments should lie in an OS's ability to be secure right out of the box, ie, straight from the vendor and without any third-party add-ons. If an operating system cannot pass this test it isn't a safe OS to use.

    Anonymous -- 02/07/05

    SUSE - Insecure by design?

    http://www.novell.com/linux/security/securitysupport.html#1

    Look, no matter what OS is attached to the internet, the firewall should be on before it connects.

    Anyone who suggests Linux is safe without a firewall and unpatched is not too bright.

    Anonymous -- 02/07/05

    Absolutely agree Larry, that is why Microsoft moved from including the functionality to enforcing its use. Most of the nimda etc viruses that infected the world would have been stopped if the included capability was turned on...now it is by default

    Anonymous -- 03/07/05

    Until Sophos elects to publish their numbers and study methods, this is hooey. It's the opinion of YAAH unless it's backed up with facts. Go to Blackhat and you can find thirty people making the same claims. We all know there is some fuzzy fact out there, but to date, I have seen zero formal studies; just opinions backed by guesswork. It would be nice to have an actual study. Maybe I'll have an intern do it next semester...

    Anonymous -- 03/07/05

    It's hard to keep a straight face when reading comments from self-proclaimed IT professionals who claim to actually believe that Windows is, or can be made to be, as secure as other OSes. Windows is a dumbed-down OS marketed to the clueless public. Anyone who would connect it to the internet and use it for anything more important than home entertainment is a fool.

    Anonymous -- 03/07/05

    I guess so Hank, that is why the USA stock exchange is such a stupid place, supporting stupid Americans like us...oh yeah they get 6 x 9 availability and never get hacked. I guess dumbed down for dumb users

    Please read a little bit more before shooting yourself in the foot...must be a reb

    Anonymous -- 03/07/05

    "I guess so Hank, that is why the USA stock exchange is such a stupid place,"

    It is apparently so stupid that not even Google can find it, so I went to the next best place, the New York Stock Exchange. I've heard it's really the biggest of them all. Then I asked Netcraft what the site runs, and guess what? NYSE runs Linux! Imagine that.

    "Please read a little bit more before shooting yourself in the foot...must be a reb"

    Excellent advice. Perhaps you should heed it.

    Anonymous -- 03/07/05

    Yes that would be the USA stock Exchange located in New York

    Look behind the web front end...the entire trading system is windows powered, hence what enables the stocks to trade

    Anonymous -- 01/03/06

    RE: The worst customer service in the world

    Dell by far takes the cake on this one. I have been waiting 5 weeks for a $200 per hr technician to come and install broken LCD screen for my Inspiron 6000. I was warned not to buy a dell and anyone reading this should do the same.
    NEVER BUY A DELL. Their customer service is horrible. They keep you on hold no one knows what is going on. I guess that's what happens when you employ people with less than a high school diploma.

    DON'T Buy A DELL>>>>>>>>>>>>>>
