Trojan programs, particularly those designed to steal online gaming account credentials, have become the mainstay of malware authors.
According to Kaspersky Labs' Malware Evolution: 2006 Trojan code formed 90 per cent of new malicious code samples seen last year, relegating internet worms, once the mainstay of internet threats, to a fringe category. Many examples of Trojan code are designed to turn infected machines into zombie machines under the control of hackers. These networks of compromised machines (botnets) are commonly used to send spam messages. Kaspersky reckons up to 80 per cent of email traffic is junk mail (managed service security firms make a similar estimate that 77.8 per cent of emails sent during February was spam).
Spammers increasingly use graphics in order to evade spam filters or send junk mail messages masquerading as personal correspondence in order to get the recipient to read the whole message before, for example, clicking on a link to a product punted through junk mail messages.
Kaspersky found products punted through junk mail differed according to language with most Russian language spam offering education and training, and goods ranging from busts of the Russian president to a device which will 'translate' a dog’s bark. English language spam, by contrast, tends to focus on advertising for stocks and shares, penis pills and cheap (pirated) software.
The report also notes that spam became increasingly criminalised in 2006, with spammers actively using SMS to spread spam. The company’s analysts believe that technologies currently in use will continue to evolve in 2007, together with further development of graphical spam, and increased criminalization of mass mailings.
Kaspersky researchers predict that virus writers and spammers will work ever more closely together over coming months and that the number of Trojans will continue to increase. Virus writers will be on the lookout for exploitable vulnerabilities in Vista, Microsoft's new OS. Kaspersky adds that Trojans for J2ME, designed to steal funds from mobile user accounts, can be expected to emerge this year. It also reckons spammers will make more active use of text messaging to spread spam. ®