A Panda Security report detailing the Malware trends during the first three months of 2009 outlines that Trojans accounted for 73 percent of all new Malware created. Yet, the explosion of Spyware during the same period is something to raise an eyebrow or two. According to Panda, Spyware rose from 2.5 percent in Q4 of 2008, to 13.15 percent in Q1 of 2009.
Spyware levels jump over ten percent in Q1 (IMG: Panda)
“We have seen a dramatic increase in the amount of Spyware in circulation over this period, probably aimed at saturating laboratories and consequently infecting more users”, said Luis Corrons, Technical Director of PandaLabs.
Panda offers that Virtumonde Spyware infected more computers than any other malicious code in the first quarter of 2009. Virtumonde combines aspects of Adware and Spyware by monitoring Internet movements, rigging search engine results, and displaying advertising banners, pop-ups, and more.
Yet, despite the notable growth of Spyware, it is still way behind Trojans (31.51 percent) and Adware (21.13 percent) in terms of the number of infections caused overall during the first quarter. Spam remained stable, Panda said, as there have not been any considerable changes over the last few months. Panda’s observations are slightly different compared to Postini, Google’s e-mail security provider.
Postini said that, “by the second half of March, seven-day average spam volume was at the same volume we saw prior to the blocking of the McColo ISP in November 2008.”
Security vendors and researchers noticed a severe drop in Spam levels shortly after McColo went offline. Since then, as early as December, researchers have noted a trend whereby levels are on the rise again.
“Spammers have clearly rallied following the McColo takedown, and overall spam volume growth during Q1 2009 was the strongest it's been since early 2008, increasing an average of 1.2% per day,” Postini added in a blog post on the data. “To put that number into context, the growth rate of spam volume in Q1 2008 was approximately 1% per day – which, at the time, was a record high.”
Although it first appeared at the end of 2008, the Conficker Worm has been the malicious code that has kept security companies busiest during the first three months of the year, Panda said. This is due to the large number of infections caused between December 2008 and January 2009.
In addition, there was considerable concern about its supposed reactivation on April 01. However, until now, no new versions or additional infections have been detected, other than those already associated to the previously active variants.
“It is still possible that at any moment one of the URLs created by Conficker on April 1 could be activated and the worm could download an update to its code or new malware. In any event, this would only affect users who are unprotected against Conficker, although there are still a large number”, said Corrons.
Looking at location, Panda said the region with the highest percentage of active Malware continues to be Taiwan (31.7 percent). Brazil and Turkey are also noteworthy as they occupy second and third place respectively, overtaking Spain and the United States. Mexico has witnessed a decrease in the amount of active Malware (17.95 percent), dropping almost 10 percent compared to the 24.87 percent active average recorded for the whole of 2008.
The entire report from Panda can be read by clicking here.
Want regular updates from The Tech Herald? Follow us on Twitter.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Comment on this Story