State of spyware
Posted on 26 Oct 2006 at 11:39
Davey Winder is intrigued by this year's report on spyware, which reveals some unexpected results
It's that time of year again when the latest State of Spyware report is published by Webroot Software, developer of Spy Sweeper (currently our A-Listed anti-spyware application). I always look forward to getting my hands on this, because Webroot is perfectly positioned to offer a real view of the spyware problem, by combining data from its customers (corporate and consumer) and its SpyAudit tools, which invite users to scan specific PCs for infection. And not least, because Webroot culls data via its automated online spyware research system called Phileas V: this employs hundreds of bots to seek out spyware variants before they get into corporate networks or home computers, and generates the new definitions (around 300 every week) that the threat research team sends out several times a week to its users.
Webroot analyses all this data, which is extremely helpful for strategic product planning, and as a welcome by-product the State of Spyware report provides us IT security specialists with a trusted overview of threat trends. And make no mistake, the Q2 2006 report was a little depressing, with a bottom line that shows spyware infection rates rising to their highest levels since 2004. No less than 89% of all consumer PCs scanned were infected, on average with a staggering 30 items of spyware - an upward trend from the Q1 2006 report.
Not surprisingly, Webroot lays the blame for this increase on people who rely on free anti-spyware products - Mandy Rice-Davies definitely applies - but the firm does also admit that new distribution channels and maturing spyware technologies have played a part. It does also, in my never humble opinion, have a point as regards free solutions: in all the anti-spyware tests we've done here at PC Pro, never has any free application performed as well as the best commercial ones, although to be fair many commercial ones perform worse than certain free alternatives. The point remains, though, that for best protection you need a commercial anti-spyware product, and experience over the past year means that's either Spy Sweeper or Spyware Doctor, which dominate the top of my testing tables.
As for the other reasons for the upward trend, the fact that criminal payloads, not just malicious intent, are at the forefront of the spyware industry today means that no stone is left unturned when it comes to exploiting potential targets. Social networking sites have become a popular route to victims, as has infection via spam. Spammers have realised that adding a spyware payload - often in the shape of a RAT (Remote Access Trojan) - lets them leverage valuable system resources to build spam distribution bot farms and steal personal/financial data, either to sell to the highest bidder or to use in their own frauds, or sell on any additional payload space to criminal concerns. What's more, they can do all of this within a single spam.
Hard-core phishers, on the other hand, have realised that the number of newbies flooding online courtesy of increased broadband accessibility means an increased opportunity to defraud, and they've responded with a flood of their own: malicious spyware websites, fake corporate and financial websites, and search engine placement ads to drive traffic to them. Phileas V has identified 527,136 such websites as I write, compared to a total of 427,000 at the end of March. It's hardly surprising then that the percentage of trojan-infected consumer PCs rose from 24% during the last quarter of 2005 to 31%. The most prevalent trojan, accounting for more than one million traces found by Webroot during scans, was Zlob. This in itself is very worrying, as Zlob is actually a trojan downloader that downloads further trojans and malware once it's installed. Zlob exploits users' apparent unquenchable thirst for free stuff by masquerading as a free media codec for Windows Media Player - you know the drill: you run across a free video stream online (probably of illegally pirated material) and to view it you need to download a new codec fast. Bad, bad, bad...
- The ICO's shame-faced u-turn on cookies
- Start8 and ModernMix: making Windows 8 work on a desktop
- How to boost your mobile reception
- How to fix Facebook: Social Fixer
- Taking the stress out of WordPress updates
- Where to download free web fonts
- Turn your tablet into a Sky+ remote control
- How to measure the success of a new IT system
- Three years on: the state of the tablet market
- Windows 8: what works and what doesn't
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast
- BBC admits £100 million IT project was a "waste"
- IBM's Watson answers customers' questions
- New CEO reorganises Intel to target "new devices"
- Dell profits slide 79% amid buyout talks
- Forget cloud subscriptions: users prefer standard licences
- McAfee: cloud storage could help spread viruses
- Analysts question Windows 8 as UK PC shipments slump
- Google pools storage across Gmail and Drive
- Ofcom accused of killing off VoIP competition
- ShoreTel dock turns iPhones and iPads into desk phones