Viruses that will lurk in 2007

Social networkin g sites like YouTube, Orkut and MySpace, that were a mad rage among young netizens last year, may be hot targets for virus attacks this year.

Research by F-Secure tells us about dangerous vulnerabilities in Cross Site Scripting (XSS) that is used on some of these sites. Niraj Kaushik, country manager, Trend Micro (India & SAARC) speculates, "Web threats will impact consumers and corporations alike through confidential information leakage, identity theft, bot infection, adware/spyware installation, and the like."

In 2007, Trend Micro also expects to see the bot threat grow with its creators finding newer methods to install them in users machines. "More ingenious social engineering and software vulnerabilities will be the likeliest candidates for this," adds Kaushik.

In 2005, security pundits declared there was a marked decrease in the growth rate of spam and some major networks such as AOL even reported a modest decrease in spam volumes. Spam filter efficacy was high worldwide so much that many found themselves in agreement with Bill Gates who said "� "the spam problem was solved".

However, by end 2005, spam volumes increased 200 per cent. And this surge continues in 2007. Predictably, spam volumes will again more than double and spam throughput is expected to again triple, putting strain on global email infrastructure and causing disruptions in legitimate email delivery, predicts a security report by IronPort.

Spammers are adopting techniques used by virus writers for years and that's the alarming bit. Spammers will develop a new strain or variant of spam and might send out a very limited trial quantity to see how effective the new strain is against spam filters. Once spammers are confident that they have created a content set that will get through most spam filters, they will launch a very large-scale attack, warns IronPort.

Windows Vista's arrival in 2007 will only add to the frown lines. Says Vishal Dhupar, managing director, Symantec India, "Be ready to witness an increased attacker interest and motivation in the coming year. Consumers and businesses will soon start to migrate to Windows Vista and there may be more threats that target this new operating system as adoption rates increase."

Security report by Symantec notes that macro-based viruses that have increased from zero outbreaks in 2005 to 15 outbreaks in 2006, are to be watched carefully in 2007 Macro-based viruses are viruses that reside inside Microsoft files such as Word and Excel files.

These viruses can be very potent, since many email administrators rely on attachment file type filtering to limit exposure to new outbreaks. Furthermore, Word and Excel files are much more familiar to end users, resulting in higher open and infection rates than more esoteric attachment file types.

Parasitic malware will make a comeback, says McAfee. "Even through parasitic malware accounts for less than 10 per cent of all malware (90 per cent of malware is static), it seems to be making a come back. Parasitic infectors are viruses that modify existing files on a disk, injecting code into the file where it resides. When the user runs the infected file, the virus runs too."

Popular polymorphic parasitic file infectors identified in 2006 had stealth capabilities and could download Trojans from compromised ites.