Malware is dead - say hello to Mixware!

According to Fortinet, a new dialer malware is spreading. Their researchers claim that the threat was mainly reported in Mexico and the US, and that the malware uses the analogue modem to make long-distance calls.

In their newsletter, they make this comment:

"Fortinet threat researchers believe the introduction of this malware can possibly be linked to the rise of bots and the global DSL-ization of personal Internet connections, which also triggered the extinction of the dialers."

Excuse me for being slow - the global DSL-ization of personal Internet connections triggers a long-distance dialer? This has to be a misinterpretation. Let's hope it is the error of the marketing guys, because if the researchers at Fortinet actually think that DSL devices triggered this particular event, AND caused the extinction of dialers, all their users must be in jeopardy.

 

In my opinion, this kind of threat is one of the new "mixware" threats that are on the rise. Mixware is a threat that combines different strategies and tactics to spread and exploit. And we are only starting to see the possibilities.

This particular mixware is built using botnet principles. That means that the threat is capable of calling home, receiving commands, updating itself and altering its actions depending on the commands.

In addition, it has different means of communication built in. It spreads using the Internet. But including a dialer enables it to use other means of communication - analogue modems, GSM modems - you know, the type you use when on the road. Why? To avoid being caught.

By bypassing the LAN firewall and Internet security measures, the threat may call home using the modem. And your network security guy will not be able to catch it. Further, mixing in new technology like this may enable it to be a carrier for other types of threats, including mobile viruses.

Adding intelligence to the threat lets it decide the best tactics to reach its target. Returning information back to base makes it a great tool for gathering intelligence - i.e. spying. Using the modem, it may soon be able to send SMS or MMS messages - or connect to the Internet automatically using your GSM modem.

I think Mixware is on the rise. I bet we will see many different types of these threats in the future.

How can you prepare? How can you make your employees understand and avoid such threats?
