As if most malware weren't crafty enough, there are signs that indicate a certain amount of conspiring between attackers, making the latest threats even more difficult to detect. What's more, February proved a particularly busy month for malware, with Trojans, botnets, and spam all seemingly on the rise compared to previous months.
According to Symantec's February 2011 Intelligence Report (PDF), February was among the most prolific time periods in terms of simultaneous attacks, with synchronized, integrated attacks coming from Bredolab, Zeus, and SpyEye.
"The malicious code used in the different waves of attack also shared some common techniques," Symantec explains. "It seems these ongoing attacks alternate between what historically have been different malware families. For example, one day would be dedicated to propagating mainly Zeus (aka. Zbot) variants, while another day was dedicated to distributing SpyEye variants. By February 10, these attacks had multiplied further and were being propagated simultaneously with each malware family using its own polymorphic packer to further evade traditional antivirus detection."
What makes this integration interesting is that these malware families had previously been "bitter rivals," Symantec says. Throughout most of the year, Zeus and SpyEye were in competition with each, but it seems that the attackers figured out they can do more damage by working together. That's a scary thought.