Just as firms are getting their heads around the
opportunities offered by Web 2.0, they are faced with thethreat of "Trojan 2.0", says web
security firm Finjan.
Trojan 2.0 attacks use regular Web 2.0 technology and websites
to exploit legitimate web services, said Finjan, which has
monitored such attacks through its Malicious Code Research Center
(MCRC).
Finjan said Web 2.0 technology and websites give attackers an
easy and scalable command and control scheme.
In Finjan's
latest quarterly threat report, Web 2.0 is said to be being
used for the botnet delivery of spam, identity theft through
keylogging, highly sophisticated financial fraud, corporate
espionage, and business intelligence gathering.
"Criminals and attackers are arming their crimeware Trojans with
new covert communication channels, designed to evade detection by
traditional security products," said Finjan CTO Yuval
Ben-Itzhak.
"Since this model uses legitimate websites and domains for
distributing instructions to botnets, these communications appear
as regular web traffic, and in most cases cannot be detected by
enterprises' existing security solutions."
He said, "The advancements made in Trojan technology compel
businesses to upgrade their web security solutions. Products that
rely on real-time inspection and true understanding of the
underlying web content, rather than reputation-based or
signature-based solutions, are best equipped to handle these types
of threats."