According to data gathered from scans performed by the Panda ActiveScan, the online anti-malware solution, spyware and adware represent 60 percent of all examples of malware detected between January and March 2005.
After spyware and adware, the malware most frequently detected in the computers of Panda ActiveScan users were Trojans, accounting for some 18 percent. Of these, 5 percent belonged to the Downloader family, designed to download other malware -mainly spyware- onto infected computers.
According to Luis Corrons, director of PandaLabs, “In the first quarter of this year, despite the apparent calm, we have witnessed a silent spyware epidemic. This confirms a basic sea-change in the motives of malware creators, who now, instead of simply wanting to damage computers, are driven by the goal of financial gain. This in turn also explains the activity of Trojans, which are closely linked to spyware as they can be used as a propagation vector for these spy programs.”
Computer worms on the other hand, a type of malware which has traditionally been highly active, were only detected in 11 percent of cases. Other well-known types of malware were far less prevalent, such as a backdoor Trojans (2%) or dialers (0.3%).
New examples of malware in the first quarter of 2005
According to data obtained by PandaLabs, of all the new examples of malware detected during the first quarter of 2005, 42 percent were Trojans.
Nevertheless, and with particular regard to worms, their creators have chosen a new strategy in order to infect as many computers as possible. This involves launching, over a very short period of time, many variants of the same worm, dramatically increasing the possibility of a computer becoming infected by this malicious code.
“We are also noticing the effects of financial motivation of the creators of worms, as from what we have seen in the first quarter they are being used not just to spread rapidly and widely, but also to install other malware on systems. One such example is the Mytob family of worms of which there are already more than 60 members, all of which appeared in the first three months of 2005. These worms can, for example, create networks of computers affected by a particular example of spyware or create “zombie’ spammers, actions that can offer excellent returns to unscrupulous users.
Phishing attacks on the increase
Phishing, a type of online fraud that tries to steal confidential data from users by spoofing emails from reliable sources such as banks, has increased at a monthly rate of 20 percent during the first quarter of this year, in terms of the number of new emails using this kind of fraud.
“The increase in phishing attacks is also accompanied by the appearance of new forms of online fraud. One of these, known as pharming, may well represent a serious threat in the short term. It involves altering the DNS addresses used to browse the Internet. So for example, when a user enters the address of their online banking service, they reach a web page that perfectly imitates the original site but which reality has been created by a hacker who then receives all the data that a user enters,” adds Corrons.
In order to help as many users as possible scan and disinfect their computers, Panda Software offers Panda ActiveScan, free of charge, at http://www.pandasoftware.com. ActiveScan is also available to webmasters that want to include it on their websites. Those who would like to include it on their sites can request the HTML code from http://www.pandasoftware.com/partners/webmasters/
Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software’s website (http://www.pandasoftware.com/about/subscriptions/) and complete the corresponding form.
For further information about the malicious code described above and others, visit Panda Software’s Virus Encyclopedia at http://www.pandasoftware.com/virus_info/encyclopedia/.
On receiving a possibly infected file, Panda Software’s technical staff get straight down to work. The file is analyzed and depending on the type, the action taken may include: disassembly, macro scanning, code analysis etc. If the file does in fact contain a new virus, the disinfection and detection routines are prepared and quickly distributed to users.