Backdoors, Bots Biggest Threats To Windows - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

03:41 PM

Backdoors, Bots Biggest Threats To Windows

Almost two-thirds of PCs that had an infection were infected by a backdoor Trojan, according to Microsoft.

Backdoor Trojans are a clear and present danger to Windows machines, Microsoft said Monday as it released the first-ever analysis of data collected by the 15-month run of its Malicious Software Removal Tool, a utility that seeks out and destroys over five-dozen malware families.

According to Microsoft's anti-malware engineering team, Trojans that, once installed, give an attacker access and control of a PC, are a "significant and tangible threat to Windows users."

Of the 5.7 million unique PCs from which the Malicious Software Removal Tool (MSRT) has deleted malware, 3.5 million of them -- 62 percent -- had at least one backdoor Trojan.

"Backdoor Trojans are a large part of the malware landscape," said Matt Braverman, program manager on the team, and the author of a report on the tool's data that was released Monday at Boston's TechEd 2006 conference.

Bots, a subset of Trojan horses, were especially "popular" on infected PCs, Microsoft's data showed. Bots are small programs that communicates with the controlling attacker, usually through Internet Relay Chat (IRC) channels, less frequently via instant messaging. Of the top 5 on the MSRT's removed malware list, three families -- Rbot, Sdbot, and Geobot -- were bots.

Once backdoors and bots are accounted for, all other malware types were seen on only a minority of machines.

"Rootkits are certainly present, but compared to other [malware types] they're not extremely widespread yet," added Braverman. A rootkit was present on 14 percent of the nearly 6 million computers that had to be cleaned.

Since it debuted in January 2005, the MSRT has been run some 2.7 billion times on an increasing number of PCs. In March 2006, the last month for which data was compiled, 270 million unique systems ran the tool, which is automatically downloaded and run on systems with Windows/Microsoft Update turned on.

Over those 15 months, the MSFT found malware on one in every 311 computers.

"I think that's a valid, accurate number," argued Braverman, even though the MSFT doesn't detect and delete every form of malicious software, and runs predominantly on Windows XP SP2 (and not at all on older operating systems, such as Windows 98 and Windows NT).

The MSFT data also seemed to validate the long-standing premise that Windows XP SP2 is more secure than earlier Microsoft operating systems, said Braverman.

Although Windows XP SP2 systems account for 89 percent of all machines from which malware was deleted, when the numbers are "normalized" -- to take into account the number of tool executions on each OS -- SP2's rate falls precipitously to just 3 percent.

Together, Windows XP Gold (the original edition launched in October 2001) and Windows XP SP1 account for 63 percent of the deletions when the numbers are normalized.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
2019 State of DevOps
2019 State of DevOps
DevOps is needed in today's business environment, where improved application security is essential and users demand more applications, services, and features fast. We sought to see where DevOps adoption and deployment stand, this report summarizes our survey findings. Find out what the survey revealed today.
DeveloperWeek NY and MongoDB World Tackle Transformation
Joao-Pierre S. Ruth, Senior Writer,  6/25/2019
GDPR One Year Later: Was the Hype Worth It?
Guest Commentary, Guest Commentary,  6/19/2019
Register for InformationWeek Newsletters
Current Issue
A New World of IT Management in 2019
This IT Trend Report highlights how several years of developments in technology and business strategies have led to a subsequent wave of changes in the role of an IT organization, how CIOs and other IT leaders approach management, in addition to the jobs of many IT professionals up and down the org chart.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll