In a military operation, a beachhead is a point where an attacking force landing by sea reaches a beach and defends it until reinforcements arrive. At this point, the reinforcements will expand the attack. What can this possibly have to do with malicious code? In the last six months, we’ve seen a large shift towards multistage attacks as described in Volume XII of the Symantec Internet Security Threat Report. The first stage of a typical multistage malicious code attack consists of a small and quiet initial downloader Trojan being installed on a computer. This initial stage may disable security applications on the computer, then download other malicious code as part of a secondary stage attack (expanding the beachhead).
Of great concern is that the secondary stages usually allow the attackers to perform a wider variety of attacks against the user. The later stages are often back...
