Trojans accounted for 54.4 percent of the new malware detected in Q2 2006
Over fifty-four percent of the new malware detected by PandaLabs in the second quarter of 2006 were Trojans. This data shows an increase compared to the previous quarter, when they accounted for 47 percent of malware detected. At the same time, the number of worms (which until recently were one of the types of malware most frequently used by cyber-criminals) continued to fall, representing less than five percent of the total.
These figures confirm the new malware dynamic, in which the objective is financial profit, as Trojans are one of the most commonly used threats to achieve this aim. According to Luis Corrons, director of PandaLabs: “The Trojan is an extremely versatile malicious code, as it can carry out many damaging actions: steal confidential information, take remote control of affected computers, capture keystrokes, etc. What’s more, it is usually installed very discreetly and carries out its actions without the user realising, making it the ideal tool for cyber-criminals. Epidemics caused by mass-mailing worms or by those that exploit software vulnerabilities attract the attention of users, who quickly remove them from their systems. For this reason, they are not suitable for making money easily.”
This new aim of malware creators is also reflected in the large number of bots (16%) and backdoor Trojans (12%) detected over the last quarter. These types of threats are also widely used in other criminal business models that provide income for cyber-criminals. Bots allow zombie networks to be created, consisting of thousands of computers that can be controlled by the attacker to carry out actions like sending spam. A very sophisticated example is ClickBot.A, a bot that infected thousands of computers, implicating the users of these computers in a wide-scale fraud scam in pay-per-click systems.
“Although large epidemics seem to have become a thing of the past, the current situation of the Internet as regards IT threats is worrying. The amount of new malware is gradually increasing, and most of it is related to cyber-crime. This situation causes users to relax, and in many cases, this means that computers are not correctly protected. However, now more than ever, malware authors are trying to drop their creations on computers without users realising and therefore, it is not only essential to install a completely up-to-date traditional antivirus solution, but also to use it in combination with proactive technologies that can detect unknown malware,” concludes Luis Corrons.