The Trojan, called PWS-JO by McAfee, Downloader by Symantec and Win32/Scypex.A by Microsoft, is considered low risk, as there are very few instances of it being found and all of the major antivirus programs will detect it. What it reflects, Marcus said, is that virus distribution has moved beyond just e-mail and Web links to a new network, in this case, VoIP (define).
Marcus said Avert gets between 8,000 and 9,000 submissions per day, and around 100 to 150 are totally new viruses, most often Botnets and password stealing Trojans. The methods for infection remain largely the same.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i"Some use spamming, a lot of the times it's by social engineering sites that use browser vulnerabilities," he told internetnews.com. "Attachments still work wonders. I guarantee you you'll get two percent success, and that's all they are looking for, the low hanging fruit. That's still amazingly successful after all these years."
Avert found around two-thirds of all password stealers are aimed at banks and financial institutions. Marcus said those groups have been very good at protecting their systems, but the problem is password stealers re-route the computer from a valid site to a fake one.
But the next-largest target for password stealers may surprise some: massively-multiplayer online games (MMOs), like Blizzard's World of Warcraft and Sony Online Entertainment's EverQuest.
They don't want the characters, they want either the credit card and billing information for the account, or better yet, the in-game loots from the virtual economies of these games.
Virtually every online game has people who don't play for fun but to amass in-game money and items, which they sell for real world dollars to players who don't have the time or effort to make their own. "The economy of MMOs is huge," said Marcus.