State of spyware
Posted on 26 Oct 2006 at 11:39
Davey Winder is intrigued by this year's report on spyware, which reveals some unexpected results
It's that time of year again when the latest State of Spyware report is published by Webroot Software, developer of Spy Sweeper (currently our A-Listed anti-spyware application). I always look forward to getting my hands on this, because Webroot is perfectly positioned to offer a real view of the spyware problem, by combining data from its customers (corporate and consumer) and its SpyAudit tools, which invite users to scan specific PCs for infection. And not least, because Webroot culls data via its automated online spyware research system called Phileas V: this employs hundreds of bots to seek out spyware variants before they get into corporate networks or home computers, and generates the new definitions (around 300 every week) that the threat research team sends out several times a week to its users.
Webroot analyses all this data, which is extremely helpful for strategic product planning, and as a welcome by-product the State of Spyware report provides us IT security specialists with a trusted overview of threat trends. And make no mistake, the Q2 2006 report was a little depressing, with a bottom line that shows spyware infection rates rising to their highest levels since 2004. No less than 89% of all consumer PCs scanned were infected, on average with a staggering 30 items of spyware - an upward trend from the Q1 2006 report.
Not surprisingly, Webroot lays the blame for this increase on people who rely on free anti-spyware products - Mandy Rice-Davies definitely applies - but the firm does also admit that new distribution channels and maturing spyware technologies have played a part. It does also, in my never humble opinion, have a point as regards free solutions: in all the anti-spyware tests we've done here at PC Pro, never has any free application performed as well as the best commercial ones, although to be fair many commercial ones perform worse than certain free alternatives. The point remains, though, that for best protection you need a commercial anti-spyware product, and experience over the past year means that's either Spy Sweeper or Spyware Doctor, which dominate the top of my testing tables.
As for the other reasons for the upward trend, the fact that criminal payloads, not just malicious intent, are at the forefront of the spyware industry today means that no stone is left unturned when it comes to exploiting potential targets. Social networking sites have become a popular route to victims, as has infection via spam. Spammers have realised that adding a spyware payload - often in the shape of a RAT (Remote Access Trojan) - lets them leverage valuable system resources to build spam distribution bot farms and steal personal/financial data, either to sell to the highest bidder or to use in their own frauds, or sell on any additional payload space to criminal concerns. What's more, they can do all of this within a single spam.
Hard-core phishers, on the other hand, have realised that the number of newbies flooding online courtesy of increased broadband accessibility means an increased opportunity to defraud, and they've responded with a flood of their own: malicious spyware websites, fake corporate and financial websites, and search engine placement ads to drive traffic to them. Phileas V has identified 527,136 such websites as I write, compared to a total of 427,000 at the end of March. It's hardly surprising then that the percentage of trojan-infected consumer PCs rose from 24% during the last quarter of 2005 to 31%. The most prevalent trojan, accounting for more than one million traces found by Webroot during scans, was Zlob. This in itself is very worrying, as Zlob is actually a trojan downloader that downloads further trojans and malware once it's installed. Zlob exploits users' apparent unquenchable thirst for free stuff by masquerading as a free media codec for Windows Media Player - you know the drill: you run across a free video stream online (probably of illegally pirated material) and to view it you need to download a new codec fast. Bad, bad, bad...
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy
- 20 years of PC Pro: our greatest review mistakes
- 20 years of PC Pro: our first A-List
- Wikipedia's "right to be forgotten" protest hits the wrong note
- 3D printing hits the high street for plastic selfies
- 20 years of PC Pro: What amazed us in our first issue
- How Google Glass ruined my lunch hour
- Smartphone battery packs: can a USB power pack beat the festival battery blues?
- Windows Easy Transfer – not so "easy" in Windows 8.1
- Formula 1: what a difference virtualisation makes
- Office of the future: comfy chairs and tablets everywhere
- Microsoft yanks Windows 8.1 update after crash reports
- Microsoft backtracks on blocking out-of-date Java
- Gartner: time to start planning your Windows 7 upgrade
- Still on IE8? You've got 18 months to upgrade
- Who's buying Chromebooks? American schools
- Microsoft targets Windows in next Patch Tuesday
- Microsoft to block old ActiveX controls in security push
- Samsung and Apple call off all legal disputes, except in the US
- Microsoft ordered to hand over European data
- Will the next Windows 8.1 update arrive next month?