ESET senior researcher Pierre-Marc Bureau, along with the ESET research team, compiled data from the last few months of use of ESET’s online scanning offering. They discovered that when a computer is infected, there is an average of thirteen malicious files per system.
ESET research discovers an average of 13:1 infection ratio. (IMG:J.Anderson)
The research started with the data compiled by the online scanner located on ESET’s site. The scanner is one of a few online that will scan your system for infections without actually needing to install an ESET product. The data samples studied included half a million computers from the last three months.
The ratio of thirteen malicious files per infected system is only the starting point, Bureau said. A malware infection does not equal one malicious file on a system, as many files on a computer are infected, if not infested, thanks to the nature of some of the malware online today.
“Modern malware families such as WMA/TrojanDownloader.GetCodec infect multimedia files, and playing any of these files will result in an infection of a system. For example, if you have 500 songs on your computer and you get infected by that threat, you will have more than 500 malicious files on your PC,” Bureau explained.
Another point of interest in the data studied is that, on average, there are three malware families on any given infected system. This is the result of another trend: pay-per-install malware distribution programs, in which criminals are paid based on the number of hosts they can infect. This is a very lucrative business, and some criminals have made thousands in a given day because of it.
“One very good example of such malicious software are rogue antivirus programs. Rogue antivirus scams typically do not copy themselves to external drives, nor do they propagate through a network. Their operators simply pay other criminal gangs every time a copy of their rogue software is installed on a PC,” Bureau noted.
One example of this came from Conficker back in March. The Conficker variant was mostly dormant on many systems being monitored by virus researchers, and then, completely at random, it downloaded and installed a Waledac variant, which included rogue antivirus software.
This led many researchers and analysts to speculate that the group behind Conficker was collecting money from the installation of Waledac. To this day no one knows for sure if that was what happened. For that matter, the group behind Conficker is still unknown.
Bureau said that ESET is processing more than 100,000 new samples of malware daily, adding that, “…there are more malware authors than ever and their technologies are getting better to rapidly create new variants of malicious code.”
In addition to the research, ESET also published its Threat Trend Report for August. The report lists Conficker, Trojans aimed at online games, the Swizzor family of malware, and the Qhost family of malware, which offers remote control over an infected system to the attacker, among the top ten threats.
You can read that report here.