Alexander Gostev, Senior Virus Analyst at Kaspersky Lab, has released the report “Malware evolution: January – March 2008“.

What is interesting, in brief:

1. Bootkit as a self-sufficient platform — something that could be added to an existing malicious program in order to protect that program and mask its presence in the system using MBR infection on the OS kernel level.

2. Social networking sites are becoming more and more important target for phishing and trojan attacks. Users are not prepared yet to face a trojan in a blog entry referred to by some virtual friend.

3. More and more serious trojans and worms for mobile platforms — Symbian, Windows Mobile, J2ME and iPhone.

And overall trend, as before, is increased complexity of malicious code and its hiding techniques, borrowing certain technologies from the antivirus world. For example, some viruses now use signature bases to detect and block the antivirus programs. Earlier they used simple filenames for this purpose.

Tags: bootkits, malware, trojans