There was an increase in the number of toolkits this past year because they simplify the process of creating malware, so amateurs can spam individuals and companies, according to analyst James Quin, at the London, Ont.-based Info-Tech Research Group Inc.
“Building malware used to be complicated and required a significant amount of skill,” Quin said. “Toolkits simplify the process to the point that rank amateurs can create effective, disruptive malware.”
Toolkits also make it easier to conduct cyber attacks is because they can spread through social media sites like Twitter, so that more people know about the toolkit and thus purchase it, according to a report by security company Trend Micro Inc, headquartered in Tokyo, Japan.
They are also on the rise is because they are cheaper now and more widely available, according to Nart Villeneuve, a Trend Micro researcher.
“Access to toolkits (used to be) expensive and exclusive in underground forums,” Villeneuve said.
The increase in the availability does not mean these toolkits are unique. Most new ones are available because hackers have stolen source code resold to others, he said
The increase in the number of tool kits means malware will still be around.
“Malware isn’t going to become less of a threat anytime soon,” Quin said. “ It means IT professionals need to stay diligent…using up to date anti-malware tools, keeping them current in terms of definition databases and scanning engines, and supplementing them with rigorous patching programs, since most malware targets known vulnerabilities, or those for which a corrective patch exists.”
However, computer users can prevent infections from occurring on their devices by being aware, according to Villeneuve.
IT professionals can install anti-spam tools for e-mail as well as mobile devices, and encourage employees within their organizations to filter spam before it enters their inboxes. IT professionals must ensure their staff does not open email from unknown senders or follow the links to sites in those email messages, according to Quin.
Pharmaceutical spam is also increasing, according to the report. However, Quin does not believe pharmaceutical spam is any different from any other form of spam.
“Spam is cyclical; (when) one content focus becomes less popular, another rises in its place,” he said. “(Spam) uses information that cybercriminals feel will be timely or broadly interesting to solicit message openings and content click through.”