Welcome to the age of localized malware

February 21, 2008, 11:01 AM —  IDG News Service — 

The program is nasty. It deletes pictures and movies from your hard drive and
then it teases you: "Even though Mr. Kaneko was found guilty, you are still
using Winny. I really hate such people," taunts an animated woman on your
screen.

Welcome to the age of localized malware.

Over the past two years virus writers have increasingly targeted their malicious
programs to users in different regions of the globe, creating programs that
are specially designed to infect users in countries like Japan, Brazil, China
or Germany.

Take the taunting Trojan, which goes after users of the Winny file-sharing
program. (Winny creator Isamu Kaneko was convicted of abetting copyright violations
in late 2006.) Winny is file-sharing software that is incredibly popular in Japan,
but virtually unknown outside of the region. Still, it's been the target of
several malware programs, according to Dave Marcus, security research and communications
manager for McAfee Avert Labs. "Japan has some really unique factors that
we just don't see anywhere else," he said. "There are a couple of
malware writers in Japan who don't like people who illegally share content."

Previously, attackers would write programs that would affect the largest possible
number of users, but that's no longer necessarily the case, Marcus said. "What
we've noticed over the last couple of years is that a growing amount of malware
is localized."

McAfee believes that there are a few reasons behind this shift. For one thing,
writers no longer want the worldwide attention and law enforcement action that
was garnered by outbreaks such as Sasser and Netsky.

And with users becoming more wary, hackers have to be crafty with their attacks
-- creating more targeted malware that victims are unlikely to have seen before.
Another factor is that criminals are increasingly targeting their attacks to
regions that have weak cybercrime enforcement, McAfee believes.

Regional attacks also cater to regional tastes. Online banking is widely used
in Brazil, so much of the malware there tries to steal banking usernames and
passwords. In China, online gaming is so popular that Chinese World of Warcraft
password stealers are now the second-largest class of malware tracked by McAfee,
Marcus said.

These regional attacks are part of an explosion of viruses and Trojan programs
that is making life more difficult for companies like McAfee that track
and intercept the malware. In 2006, the company identified 53,537 unique pieces
of malware, according to data set to be published Thursday in Sage, McAfee's
semi-annual magazine devoted to security issues.

Last year that number jumped 246 percent to 131,862, and it could double again
this year. By the end of 2008, McAfee expects to be identifying about 750 pieces
of malware per day.
