Virus writers are getting more sophisticated and are localising malware for specific markets claims a senior security researcher.
For example, said Dave Marcus, security research and communications manager for McAfee Avert Labs, look at the taunting Trojan, which goes after users of the Winny file-sharing program (Winny creator Isamu Kaneko was convicted of abetting copyright violations in late 2006). Winny is file-sharing software that is incredibly popular in Japan, but virtually unknown outside of the region. "Japan has some really unique factors that we just don't see anywhere else," he said. "There are a couple of malware writers in Japan who don't like people who illegally share content," he said.
Previously, attackers would write programs that would affect the largest possible number of users, but that's no longer necessarily the case, Marcus said. "What we've noticed over the last couple of years is that a growing amount of malware is localised."
McAfee believes that there are a few reasons behind this shift. For one thing, writers no longer want the worldwide attention and law enforcement action that was garnered by outbreaks such as Sasser and Netsky.
And with users becoming more wary, hackers have to be crafty with their attacks - creating more targeted malware that victims are unlikely to have seen before. Another factor is that criminals are increasingly targeting their attacks to regions that have weak cybercrime enforcement, McAfee believes.
Regional attacks also cater to regional tastes. Online banking is widely used in Brazil, so much of the malware there tries to steal banking usernames and passwords. In China, online gaming is so popular that Chinese World of Warcraft password stealers are now the second-largest class of malware tracked by McAfee, Marcus said.
These regional attacks are part of an explosion of viruses and Trojan programs that is making life more difficult for people companies like McAfee that track and intercept the malware. In 2006, the company identified 53,537 unique pieces of malware according to data set to be published Thursday in Sage, McAfee's semi-annual magazine devoted to security issues.
Last year that number jumped 246 percent to 131,862, and it could double again this year. By the end of 2008, McAfee expects to be identifying about 750 pieces of malware per day.