Stormy weather for malware defenses

On January 18, the day the misnamed program--a Trojan horse, not a worm--first appeared, more than 350 different variants were released, according to a report penned by security firm CommTouch Software. Four days later, the number of slightly different versions jumped to more than 7,300. By the end of January, more than 54,000 variants had hit the Internet, the report stated, each one spammed out by computers previously compromised by the program.

The technique is effective. While antivirus programs' pattern recognition algorithms, frequently referred to as heuristics, may have stopped a large fraction of the variants, creating signatures to catch all the versions takes time. Response to a new variant--including developing, testing and distributing a signature--takes hours at a minimum. Responding to thousands can take much longer.

Linked by shanmuga Tuesday, 6th March 2007 9:12PM