Malicious programs hit new high
Feb, 2008: The number of malicious programs found online has reached an unprecedented
high, say security firms.
Reports vary but some estimates suggest there were five times as many
variants of malicious programs in circulation in 2007 compared to 2006.
Security company Panda Software said it was getting more than 3,000 novel
samples of so called malware every day.
Criminals pump out variants to fool anti-virus programs that work, in part,
by spotting common characteristics.
Security software testing organisation AV Test reported that it saw 5.49
million unique samples of malicious software in 2007 - five times more than the
972,606 it saw in 2006.
AV Test reached its total by analysing malicious programs and generating a
digital fingerprint for each unique sample.
The organisation said the different ways malware can be packaged will mean
some duplication in its figures, but the broad trend showed a steep rise.
The organisation uses the samples to test security programs to see how many
they can spot and stop.
Panda Software said the number of malicious samples it received in 2007 was
up ten fold on 2006. In a statement it said the rise represented a "malware
Finnish security firm F-Secure said it had seen a doubling in the number of
pieces of malware it detected in 2007 compared to 2006.
Most of the malicious programs detected by these security organisations are
aimed at the various versions of Microsoft's Windows operating system.
The vast majority of these unique malicious programs will be made up of
elements from older viruses that have been scrambled to look fresh.
"It started about nine months ago, in early 2007, we saw massive surges of
new variants," said Gerhard Eschelbeck, chief technology officer at anti-spyware
"There are days when we see 1,000 or more new samples," he said.
"It's a low-effort high-frequency type threat," he said. "There's no
completely ground-breaking new stuff out there."
He added that hi-tech criminals were adopting several tactics to avoid being
spotted by anti-virus programs which try to spot the "signature" of each
malicious program they know about.
"Anti-virus relies on customers to submit samples," said Mr Eschelbeck, "but
with spyware you typically do not get samples because your customers do not know
they are infected."
Increasingly, security firms have turned to new techniques to combat the rise
in malware variants. Some use heuristics, or rules of thumb, to spot programs
that are similar rather than identical to the ones they have seen before.
Others are using behaviour blockers that shut down any program that shows
BBC Technology News
|Post your Comments/ Views about this News.|
|Tech News:||Updated: February 2008|