2005

New viruses and Trojans for mobile platforms continued to emerge, particularly those targeting the Symbian OS. Apart from the more usual method of propagation - via Bluetooth, they also exploited wholly new methods. On 10 January, Lasco appeared. This was the first virus which not only replicated itself on other phone, but also infected executable Symbian files. This was followed on 4 March by Comwar, which sends itself via MMS to other contacts in a user’s contacts list (in much the same way as the first-generation worms did). 13 September saw the emergence of Cardtrap, a Trojan attempting to install malicious Windows files via cross-platform infection.

October-November saw a huge scandal over the discovery of Trojan rootkit technologies on Sony’s BMG compact discs. Rootkit technologies were used to protect the CDs from illegal copying. However, the very same technologies could equally be used for criminal purposes, and that is exactly what happened almost immediately thereafter when on 10 November the first backdoor Trojan was detected which exploited this very loophole.

The antivirus industry was undergoing massive change. Microsoft was actively seeking to enter the antivirus software market and to this end acquired two antivirus companies almost simultaneously. On 8 February 2005, Microsoft acquired Sybari, a company specializing in protection technologies for Microsoft Exchange email. They then followed this up with an announcement on 20 July concerning their acquisition of FrontBridge Technologies, a developer of network traffic filtration technologies. This was in addition to RAV antivirus, acquired in 2003 and GIANT Anti-Spyware, the acquisition of which was announced on 16 December 2004.

On 5 July 2005 the merger of Symantec and Veritas, a vendor of backup systems, was announced. The move was seen by many of those in the know as Symantec moving to protect itself commercially, ahead of Microsoft’s solutions hitting the market.

An additional scandal broke this year concerning a further vulnerability that had been found in MS Windows applications. This time it was a Windows Meta Files (WMF) processing vulnerability. The situation was further exacerbated by the fact that information about the vulnerability was published prior to the release of the respective Windows update. Users of Windows found themselves with little or no protection against hundreds of Trojans which immediately started to exploit the ’hole’ in order to penetrate computers. Moreover, the information about the hole came on 26 December — during the Christmas holiday period, meaning that it was highly unlikely that Microsoft would react promptly. This was exactly what happened. On 3 January 2006, after several days of silence, Microsoft made an announcement stating that the Windows update would be released according the ‘approved schedule’, i.e. on 10 January. The IT security world literally exploded with numerous critical, angry, and sometimes even downright offensive articles attacking Microsoft. In the end, under barrage of criticism, Microsoft gave in and issued patch MS06-00 on 16 January 2006, which fixed the WMF processing vulnerabilities.