Demand for new malicious programs reaches saturation point
According to Kaspersky Lab, the number of new malware files detected by its products in 2015 decreased to 310,000 a day, falling 15,000 from the 2014 number of 325,000. However, despite the reduction in malware creation, in 2015 the number of users that were targets of attacks by cybercriminals increased by five percent.
Between 2012 and 2013, there was a rapid increase in the number of new malicious files detected by Kaspersky Lab; from 200,000 new files every day in 2012 to 315,000 in 2013. Thereafter, in 2014 things started to slow down and the daily total increased by just 10,000 files to 325,000.
Kaspersky Lab experts believe the demand for new malicious programs has reached a saturation point, as coding new malware has become expensive and cybercriminals have realized the benefits of using intrusive advertising programs or legitimate digital signatures in their attacks.
Cybercriminals in search of a quick return appear to have decided that complex coding tools such as rootkits, boot kits or replicating viruses, may bring results, but can cost tens of thousands of dollars to develop, reducing their overall margins and revenue. For this reason, 2015 saw adware become more prominent among all anti-virus detections. This marks an evolution in cybercriminal tactics, with many now acting almost as businesses, engaged in selling quasi-legitimate commercial software, activity and more.
In addition, cybercriminals and even advanced, state-sponsored threat actors are making greater use of legal certificates for digital products. With the help of bought or stolen certificates, attackers deceive security software, which trusts an officially-signed file more than a regular one.
“Cybercrime has lost the last touch of romance. Today, malware is created, bought and resold for specific tasks. The commercial malware market has settled, and is evolving towards simplification. I think will we no longer see malicious “code for the code.” This trend is also observed among the operators of targeted attacks,” says Vyacheslav Zakorzhevsky, Head of Anti-Malware Team at Kaspersky Lab.