Because of this, we can expect Windows malware to continue evolving in innovative ways. One prominent trend is the rise of attacks outside of Microsoft-land. Koobface, for example, runs on Windows, but it's used to harvest information from Facebook and MySpace, convince Facebook users to install rogue antimalware programs, and otherwise turn social networking information into lucre. Nart Villeneuve provides an excellent PDF overview.
Another trend will likely revolve around industrial espionage. Whether or not you believe the Stuxnet worm was designed to break Iranian nuclear enrichment centrifuges, there's no question that a very capable team constructed a breathtaking array of zero-day Windows cracks and Siemens Step 7 code. Expect motivated organizations to blend innovative threats to get what they want.
As for malware construction kits, ZeuS looks to be only the beginning. By democratizing the construction of malware, sufficiently talented kit creators can make a decent living, at much reduced risk. With kits for sale, the creators don't have to worry about disseminating the malware without getting caught, keeping drop sites working, or turning information into money. Recently, Brian Krebs reported that ZeuS and SpyEye have apparently joined forces, and the latest ZeuS source code can be purchased for a paltry $100,000. With source code in hand, you can create and sell your very own customized ZeuS construction kits. Think of it as a malware multilevel marketing scheme.
But the most prolific vector for malware innovation will likely reside in social engineering. After all, while it's getting harder to crack Windows programs, it's as easy as ever to attack the weakest link: the one between users' ears. Look for more cons, more fake "Windows tech support" calls, and more bewildered users who will gladly give out sensitive information to anyone who claims they can help fix things.
Windows malware has changed a lot in the past 20 years. People haven't.
- Insider: Top 20 tips and tricks for Windows 7
- Download: Windows 7 Deep Dive Report
- Download: Windows 7 Quick Guide
- Download: Windows 7 Security Deep Dive Report
- Top 15 free tools for every Windows desktop
- More great free troubleshooting tools for Windows
- Top 10 free Windows tools for IT pros, at a glance
- The best free open source software for Windows
- Microsoft's best free tools for IT admins
- Worst Windows flaws of the past decade
This story, "20 years of innovative Windows malware," was originally published at InfoWorld.com. Keep up on the latest developments in network security and Microsoft Windows at InfoWorld.com. For the latest business technology news, follow InfoWorld.com on Twitter.