informa
News

IBM X-Force Report: Exploit-Leasing Popular

Exploit leasing surfaces from underground, trojans become most popular malware

ARMONK, N.Y. -- IBM (NYSE: IBM) today reported an increase in malware volume and sophistication, the rise of exploit leasing and a lower number of vulnerability disclosures versus the first half of 2006 as part of its security statistics report for the first half of 2007. So far for the year, the IBM Internet Security Systems (ISS) X-Force® research and development team has identified and analyzed more than 210,000 new malware samples, already exceeding the total number of malware samples observed over the entirety of 2006.

X-Force uncovers in the report that the "exploits as a service" industry continues to thrive in 2007. The 2006 X-Force report indicated that managed exploit providers had begun to purchase exploit code from the underground, encrypt it so that it could not be pirated, and then sell it for top dollar to spam distributors.

In 2007, these exploit providers have added the new practice of "exploit leasing" to their repertoire. By leasing an exploit, attackers can now test exploitation techniques with a smaller initial investment, making this underground market an even more attractive option for malicious perpetrators.

According to the report, Trojans (seemingly legitimate files that are actually malware) comprise the most voluminous category of malware so far in 2007, accounting for 28 percent of all malware, in contrast to 2006 when Downloaders was the most common category. A Downloader is a low-profile piece of malware that installs itself so that it can later download and install a more sophisticated malware agent.

"The X-Force security statistics report for 2006 predicted a continued rise in the sophistication of targeted, profit-motivated cyber attacks," said Kris Lamb, director of X-Force for IBM Internet Security Systems. "This directly correlates to the rise in popularity of Trojans that we are witnessing this year, as Trojans are often used by attackers to launch sustained, targeted attacks."

IBM Corp. (NYSE: IBM)

Recommended Reading: