Why have we seen so many new virus attacks in recent weeks? I believe its because there has been little effort made by law enforcement officials to find or stop the virus authors. Maybe there is more effort coming from law enforcement than Im observing—but if thats true, what theyre doing is incredibly inefficient, and its helping to give the green light to every black-hat coder out there. Script kiddies have gone berserk, seeing that nobody is being caught or prosecuted, and they form a unique smokescreen for the more talented culprits. The scariest aspect is that these viruses and the tricks being used to infect machines are outstandingly efficient and of high quality.
To be honest—and I know this is adding to the problem—you have to feel some admiration for the latest series of attacks. PC Magazine has covered them all in detail recently in a series written by Jay Munro and others. But what hasnt been addressed is now more important than ever: the sociology of attacks. Im amazed by the creative and tricky ways these viruses are being planted, and how the hapless user is tricked into clicking on dopey attachments when he or she absolutely should not do so. While creative virus coders could easily devise ways to simply run code in a preview window, which would initiate problems automatically, they instead sucker the poor user into clicking on something.
Two things that are at work here concern me. First, the top black hats have not seriously exploited the Microsoft Outlook preview window (which can execute code). This means they are likely saving that trick for the BIG ONE. That threat is the reason I do not use Outlook, by the way.