Microsoft says worms are making an unwanted comeback in its latest annual Security Intelligence Report.

Worm attacks increased by more than 100% in the second half of 2008, and are now the second biggest threat category behind Trojans.

The worm resurgence was largely down to the infamous Conficker, which wreaked havoc across the world earlier this year. However, Microsoft warns a second worm called Taterf, which targets massively multiplayer online role-playing games (MMORPGs) such as World of Warcraft, is also doing damage.

The company claims Taterf infections have risen by more than 150% since the second half of 2008, and that companies are suffering as a result. “It’s a family of worms that has the target of getting your credentials,” Microsoft’s UK head of security, Cliff Evans. “It will spread within the enterprise – it’s brought from home into work.”

Evans said companies need to tighten access to file shares and removable storage volumes, such as USB thumb drives, to avoid infection.

The good news is fake security software (or scareware) is in decline, with infections sloping off by a fifth since last year. “There’s less of it than there was,” said Evans, who claims security companies are now better at detecting the rogue software than they were previously.

Microsoft says it will continue to pursue the peddlers of such software, many of whom use Microsoft-like symbols and icons to hoodwink their victims. “They are very convincing,” Evans said. “We’ve seen fake blue screens, fake start-up screens and more.”

“We do a tremendous amount of work with law enforcement [to apprehend scareware vendors],” Evans added.

Author: Barry Collins
.