[82640] in North American Network Operators' Group
Spyware 'calling home' volumes soar
daemon@ATHENA.MIT.EDU (Fergie (Paul Ferguson))
Mon Jul 25 20:26:01 2005
From: "Fergie (Paul Ferguson)" <fergdawg@netzero.net>
Date: Tue, 26 Jul 2005 00:23:41 GMT
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
8% counts for a lot of traffic...
John Leyden writes in The Register:
[snip]
Outbound spyware transmissions from infested machines accounted for up to eight per cent of total outbound web traffic in pilot tests of a new managed spyware screening service. UK web security firm ScanSafe said the volume of traffic observed during a 10 week pilot test of its Spyware Screening service showed that spyware applications are becoming more and more stealthy in their ability to hide their outbound 'covert' channels among normal web traffic. That's bad news because data sent when spyware "calls-home" can include confidential and even privileged information.
Spyware now accounts for around 20 per cent of web-based threats, which includes other malware such as worms and Trojans, and is still on the increase, according to ScanSafe. The firm said malware such as CoolWebSearch, which hides on an infected client using newly developed root-kit architecture, often evades detection.
[snip]
http://www.theregister.co.uk/2005/07/25/spyware_screening/
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg@netzero.net or fergdawg@sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/
