State of spyware
Posted on 26 Oct 2006 at 11:39
Davey Winder is intrigued by this year's report on spyware, which reveals some unexpected results
It's that time of year again when the latest State of Spyware report is published by Webroot Software, developer of Spy Sweeper (currently our A-Listed anti-spyware application). I always look forward to getting my hands on this, because Webroot is perfectly positioned to offer a real view of the spyware problem, by combining data from its customers (corporate and consumer) and its SpyAudit tools, which invite users to scan specific PCs for infection. And not least, because Webroot culls data via its automated online spyware research system called Phileas V: this employs hundreds of bots to seek out spyware variants before they get into corporate networks or home computers, and generates the new definitions (around 300 every week) that the threat research team sends out several times a week to its users.
Webroot analyses all this data, which is extremely helpful for strategic product planning, and as a welcome by-product the State of Spyware report provides us IT security specialists with a trusted overview of threat trends. And make no mistake, the Q2 2006 report was a little depressing, with a bottom line that shows spyware infection rates rising to their highest levels since 2004. No less than 89% of all consumer PCs scanned were infected, on average with a staggering 30 items of spyware - an upward trend from the Q1 2006 report.
Not surprisingly, Webroot lays the blame for this increase on people who rely on free anti-spyware products - Mandy Rice-Davies definitely applies - but the firm does also admit that new distribution channels and maturing spyware technologies have played a part. It does also, in my never humble opinion, have a point as regards free solutions: in all the anti-spyware tests we've done here at PC Pro, never has any free application performed as well as the best commercial ones, although to be fair many commercial ones perform worse than certain free alternatives. The point remains, though, that for best protection you need a commercial anti-spyware product, and experience over the past year means that's either Spy Sweeper or Spyware Doctor, which dominate the top of my testing tables.
As for the other reasons for the upward trend, the fact that criminal payloads, not just malicious intent, are at the forefront of the spyware industry today means that no stone is left unturned when it comes to exploiting potential targets. Social networking sites have become a popular route to victims, as has infection via spam. Spammers have realised that adding a spyware payload - often in the shape of a RAT (Remote Access Trojan) - lets them leverage valuable system resources to build spam distribution bot farms and steal personal/financial data, either to sell to the highest bidder or to use in their own frauds, or sell on any additional payload space to criminal concerns. What's more, they can do all of this within a single spam.
Hard-core phishers, on the other hand, have realised that the number of newbies flooding online courtesy of increased broadband accessibility means an increased opportunity to defraud, and they've responded with a flood of their own: malicious spyware websites, fake corporate and financial websites, and search engine placement ads to drive traffic to them. Phileas V has identified 527,136 such websites as I write, compared to a total of 427,000 at the end of March. It's hardly surprising then that the percentage of trojan-infected consumer PCs rose from 24% during the last quarter of 2005 to 31%. The most prevalent trojan, accounting for more than one million traces found by Webroot during scans, was Zlob. This in itself is very worrying, as Zlob is actually a trojan downloader that downloads further trojans and malware once it's installed. Zlob exploits users' apparent unquenchable thirst for free stuff by masquerading as a free media codec for Windows Media Player - you know the drill: you run across a free video stream online (probably of illegally pirated material) and to view it you need to download a new codec fast. Bad, bad, bad...
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to write your company's IT security policy
- Raspberry Pi and Wolfram: a must-have for every child
- Could you get by with Office Web Apps?
- The best Android antivirus apps for 2014
- Headings vs headers: how to use both in Word
- Hello Cortana, it's nice to meet you
- Windows 8.1 Update: an abject surrender
- The insane economics of Sky Now TV
- No such thing as a free app... so pay up if you want quality
- Time to outlaw crapware-laden installers
- Windows Phone 8.1 video: hands-on
- Office for iPad: key information
- Why every PC buyer owes Richard Durkin a debt of gratitude
- HTC One M8 vs Samsung Galaxy S5: 2014's big-hitters compared
- Windows XP end of life: key information
- Cisco: 100% of companies hosting malware
- Microsoft supercharges PowerPoint with Office Mix
- Microsoft and Nokia deal tweaked ahead of completion
- Microsoft slashes custom XP support price
- Ubuntu LTS Server 14.04 extends cloud support
- Intel: PC sales are "encouraging"
- Google to rank encrypted pages higher
- Heartbleed: the race to reissue security certificates
- Dropbox boosts app line-up with Carousel and Mailbox for Android
- BlackBerry CEO says not selling off phones "any time soon"