March 8, 2007; 03:52 AM
PandaLabs, Panda Software's malware detection laboratory, has detected an alarming increase in the amount of malicious code using rootkit techniques. In 2006 there was a 62 percent annual increase and the forecast for 2007 is equally pessimistic. Given that in the first two months of the year the laboratory has already detected almost 25 percent of last year's total, the overall increase this year is expected to be around 40 percent.Rootkits are programs that use stealth techniques to prevent malicious code from being detected by traditional security and system administration solutions such as antivirus or anti-spyware software. As it is hidden, the malicious code can then act with complete impunity. Rootkits can also hide processes, files and even modifications to the Windows registry.
February's ranking of the most dangerous threats includes three malicious codes that use these techniques: Bagle.HX, Abwiz.A and the highly dangerous Nurech.A.
"Rootkit techniques are becoming increasingly popular among malware creators, particularly for spyware and banker Trojans", says Luis Corrons, Technical Director of PandaLabs.As rootkits can evade detection by traditional antivirus and antispyware security systems, proactive protection is needed to block these threats based on the malicious code's behavior and intent."PC users need security systems that can counter this type of hidden threat, otherwise their confidential data can be exposed with the consequent risk of theft and fraud," explains Corrons.Panda Software's TruPrevent is a powerful weapon in the fight against hidden threats. This proactive technology analyzes program behavior to sniff out hidden malicious code such as rootkits or those that have yet to be identified by antivirus laboratories. TruPrevent provides the additional cover needed to protect against unknown threats and intruders and is fully compatible with the reactive technologies used by antivirus solutions.Panda Software also offers two new online tools for detecting this latest generation malware: Malware Radar and NanoScan. Both of these solutions can detect a much higher percentage of Malware by utilizing a new approach to Malware signature files. Unlike traditional antivirus software, where a limited signature file is installed on each PC, Malware Radar and NanoScan access a much more comprehensive master signature file provided online and continually updated in real-time. This massive online signature file is hosted on a network of data centers at PandaLabs. Because this new type of signature file uses a "collective intelligence" approach, both Malware Radar and NanoScan can detect much more malicious software than any other tools currently available.Malware Radar is essentially a corporate tool, while NanoScan, now available in beta version, is aimed at the consumer market and detects all active malware in critical areas of computers in less than a minute.
About PandaLabs
Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPrevent, which acts as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users (more info at http://www.pandasoftware.com/pandalabs and http://blogs.pandasoftware.com/blogs/pandalabs/).
For more information: http://www.pandasoftware.com/virus_info/
PRESS BY MONTH
EDITOR'S DESK
SUBMIT PRESS
