Thwarted hackers turn malware on unpatched PCs

Hackers will continue to launch known viruses and other forms of malware because more than half the PCs on the internet today...

Hackers will continue to launch known viruses and other forms of malware because more than half the PCs on the internet today remain unpatched, according to security solutions firm McAfee.

In a quarterly security report, McAfee also said mobile viruses and new forms of phishing were the main threats internet users had to watch out for in the coming months.

Like rival security company Kaspersky, which has also just published a quarterly threats report, McAfee said mass mailer worms were starting to taper off in the threat stakes, but that there had been a big increase in bots - zombie PCs controlled by remote hackers - and trojans.

Trojans are increasingly being distributed by phishing e-mails, along with keylogging programs that can send keyboard strokes to remote fraudsters.

"Although we saw a steady decline in the rate of viruses produced from 2000 to 2004, down to a 5% year over year growth, we've seen a 20% increase in malware-related threats between 2004 and 2005, and anticipate that these numbers will stay at the higher rate of growth for the immediate future," said Vincent Gullotto, vice-president of McAfee’s security lab Avert. 

"In the first quarter of 2005, the rise in unwanted programs has greatly surpassed what was noted in the first quarter of 2004," he said.

According to McAfee, the top malicious threats in quarter one, in alphabetical order, were Exploit-ByteVerify, Exploit-HelpZonePass, Exploit-MhtRedir, JS/Noclose, StartPage, VBS/Psyme, W32/Mytob and W32/Sdbot (a family including sdbot, gaobot, polybot, spybot).

In addition, McAfee said established mass-mailers, including those from the Bagle, Netsky and Mydoom families, were widely reported.

Vulnerabilities discovered in the first quarter of this year totalled more than 1,000 - roughly 6% more than in the same quarter last year. 

McAfee said that although software developers were increasingly adept at recognising and fixing vulnerabilities, hackers and virus writers were focusing their efforts on reported vulnerabilities and capitalising on machines that had not been patched or updated.

McAfee estimates that around 50% or more of the machines on the internet today are not properly patched to stop these exploits. 

Read more on Antivirus, firewall and IDS products