Trojan horse 2.0 is coming!

Hi malware fighters,

Just as developers are switching to Web 2.0 functionality, malcreators will do the same. Researchers already warn of a trojan 2.0 coming. This new generation of trojans will use open Web 2.0 technology to hide traffic from command & control (C&C) servers, but will also form a complete platform for computer crime.

At the moment a C&C server only has “to do” actions for various Trojans, such as what kind of information should be gathered from infected machines. That information can then later be “legalized” through RSS feeds. By generating legit RSS service traffic, malware does not need to communicate through various C&C servers. Trojan 2.0 can write stolen bank data to weblogs, for instance.

According to researchers, with disastrous results. Infected machines can easily be blocked from communicating with the C&C server when you know the IP address. Trojan 2.0, thanks to Web 2.0 functionality, has unlimited possibilities to infect PCs and to communicate and share stolen data. “Security audits now have to be real-time instead of signature based security.” See this PDF file:

http://www.finjan.com/GetObject.aspx?ObjId=545

pol