RSS To Carry Spyware Before Year's Out - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

03:54 PM

RSS To Carry Spyware Before Year's Out

By the end of the year, spyware will have turned to RSS to distribute its key loggers and ad spawners, a security expert says.

By the end of the year, spyware programs will have tripled in number, put Firefox in their sights, and have turned to RSS to distribute its key loggers and ad spawners, a security expert said Friday.

Richard Stiennon, director of threat research at anti-spyware software vendor Webroot, first presented his six predictions at this week's Gartner IT Security Summit.

Number one on his list?

"The first spyware that targets Firefox will appear in the first half of 2005," prognosticated Stiennon. "That means either a spyware writer will take advantage of a vulnerability in Firefox, as others already have in Internet Explorer, or create a site that forces Firefox to invisibly download and install adware or spyware."

Stiennon's apparently not worried about the impending deadline for his prediction. "Test code against Firefox exists," he said, "and I've seen [spyware] exploits against Firefox that don't work. At the Gartner conference, I had a conversation with the CIO of another security firm, and he said that his company had just found an example."

Some of Stiennon's predictions were no-brainers, or in one case, with tongue firmly in cheek. "The number of new Microsoft vulnerabilities will grow," he said. "That was said tongue-in-cheek." Others, such as his bet that the number of different types of spyware will triple in 2005 to reach 4,500 total, is an easy prophecy, he added, since "we're well on our way for that number right now."

In Stiennon's opinion, his most distressing prediction is that spyware will latch onto RSS (Real Simple Syndication) as a way to distribute ad- and spy-style software.

"I'm extremely concerned about this," said Stiennon. "Already we're seeing marketers look to RSS. A recent list by marketing types on why RSS is better than e-mail, for example, had 'no more annoying complaints about spam' at number 8. Where marketers go, adware and spyware writers follow."

Another nasty possibility, said Stiennon, is that a vulnerability will be found in one of the big blogging services. "If a spyware writer finds a way to inject code into a blogging site -- which could take the form of a SOAP object -- most likely through a future vulnerability in Internet Explorer 7, then everyone who subscribes to that service's blog RSS feeds is gonna get infected." Such an attack could be massive, and because of the automated nature of RSS, extremely fast-acting.

Finally, Stiennon predicted that rootkits, hacker toolkits now used by the most sophisticated worm authors to hide evidence of their malicious code from anti-virus scanners, will migrate to spyware this year.

"There's a very small group, under 2,000, of advanced spyware writers. They're already experimenting with rootkits, and when they start using them in numbers, spyware is going to be very very hard to detect."

Stiennon's final prediction didn't make his list at Gartner's conference, but is no surprise considering how much space on his blog he's devoted to the recent Israeli incident where several companies' executives have been charged with industrial espionage after hiring private investigators who in turn used a British programmer's spyware Trojan to infect rivals' computers.

"An episode of industrial espionage using spyware will be revealed in the U.S.," Stiennon said. "Without a doubt."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
10 Ways to Transition Traditional IT Talent to Cloud Talent
Lisa Morgan, Freelance Writer,  11/23/2020
Top 10 Data and Analytics Trends for 2021
Jessica Davis, Senior Editor, Enterprise Apps,  11/13/2020
Can Low Code Measure Up to Tomorrow's Programming Demands?
Joao-Pierre S. Ruth, Senior Writer,  11/16/2020
Register for InformationWeek Newsletters
Current Issue
Why Chatbots Are So Popular Right Now
In this IT Trend Report, you will learn more about why chatbots are gaining traction within businesses, particularly while a pandemic is impacting the world.
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll