http://news.com.com/Desktop+search+new+target+for+viruses/2100-7349_3-5491070.html By Munir Kotadia Special to CNET News.com December 14, 2004 Security experts are warning that virus writers could use new desktop search tools to make their malicious software more efficient. Foad Fadaghi, senior industry analyst at Frost & Sullivan Australia, said that most viruses are designed to harvest e-mail addresses and other personal information from an infected system. He warned that because desktop search tools such as those recently announced by Google, Microsoft and Yahoo can index and categorize that information, virus writers are likely to start exploiting the technology. "Desktop search products are very efficient at harvesting data, so it wouldn't be surprising if exploits are sought by malicious coders. Any software that can index and capture data on a user's PC will be subject to virus and Trojan exploits. It is just a matter of time," Fadaghi said. Neil Campbell, the national security manager of IT services company Dimension Data, said that any change in the desktop environment can create new security vulnerabilities, so when companies decide to adopt a new product they should look beyond the user benefits. "It sounds like great technology, but don't deploy it without considering the security implications. With any new product area there is a need to consider security," Campbell said. According to Campbell, virus writers are unlikely to start targeting the new tools immediately--but only because they are not common. "It is not going to be in the virus writers' best interest to target them immediately. I would expect the spread of a virus to be inhibited because of the low take-up rate--at least to start with," Campbell said. Viruses have already used Internet search engines to harvest e-mail addresses. In July, a MyDoom variant pumped so many queries into Google that the search engine was unavailable or very slow for large periods of time. The same variant of MyDoom also succeeded in knocking a number of smaller search engines--including Lycos and AltaVista--off the Web completely. At the time, Graham Cluley, senior technology consultant at antivirus firm Sophos, said he expected virus authors to continue manipulating search engine technologies. "You don't have to be psychic to predict the release of more worms trying to scoop up e-mail addresses from search engines. Unfortunately, we expect to see other worm authors trying similar tricks in the future," Cluley said. Dimension Data's Campbell said that if companies do choose to use desktop search tools, they should take extra care to ensure viruses do not get a chance to reach the desktop. "You need to consider these issues once the virus has infected your PC, but more importantly, companies should prevent the virus from executing. Make sure the PCs are up-to-date from a patch and antivirus perspective and loaded with a personal firewall," Campbell said. Munir Kotadia of ZDNet Australia reported from Sydney. _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Wed Dec 15 2004 - 01:56:00 PST