State of spyware
Posted on 26 Oct 2006 at 11:39
Davey Winder is intrigued by this year's report on spyware, which reveals some unexpected results
It's that time of year again when the latest State of Spyware report is published by Webroot Software, developer of Spy Sweeper (currently our A-Listed anti-spyware application). I always look forward to getting my hands on this, because Webroot is perfectly positioned to offer a real view of the spyware problem, by combining data from its customers (corporate and consumer) and its SpyAudit tools, which invite users to scan specific PCs for infection. And not least, because Webroot culls data via its automated online spyware research system called Phileas V: this employs hundreds of bots to seek out spyware variants before they get into corporate networks or home computers, and generates the new definitions (around 300 every week) that the threat research team sends out several times a week to its users.
Webroot analyses all this data, which is extremely helpful for strategic product planning, and as a welcome by-product the State of Spyware report provides us IT security specialists with a trusted overview of threat trends. And make no mistake, the Q2 2006 report was a little depressing, with a bottom line that shows spyware infection rates rising to their highest levels since 2004. No less than 89% of all consumer PCs scanned were infected, on average with a staggering 30 items of spyware - an upward trend from the Q1 2006 report.
Not surprisingly, Webroot lays the blame for this increase on people who rely on free anti-spyware products - Mandy Rice-Davies definitely applies - but the firm does also admit that new distribution channels and maturing spyware technologies have played a part. It does also, in my never humble opinion, have a point as regards free solutions: in all the anti-spyware tests we've done here at PC Pro, never has any free application performed as well as the best commercial ones, although to be fair many commercial ones perform worse than certain free alternatives. The point remains, though, that for best protection you need a commercial anti-spyware product, and experience over the past year means that's either Spy Sweeper or Spyware Doctor, which dominate the top of my testing tables.
As for the other reasons for the upward trend, the fact that criminal payloads, not just malicious intent, are at the forefront of the spyware industry today means that no stone is left unturned when it comes to exploiting potential targets. Social networking sites have become a popular route to victims, as has infection via spam. Spammers have realised that adding a spyware payload - often in the shape of a RAT (Remote Access Trojan) - lets them leverage valuable system resources to build spam distribution bot farms and steal personal/financial data, either to sell to the highest bidder or to use in their own frauds, or sell on any additional payload space to criminal concerns. What's more, they can do all of this within a single spam.
Hard-core phishers, on the other hand, have realised that the number of newbies flooding online courtesy of increased broadband accessibility means an increased opportunity to defraud, and they've responded with a flood of their own: malicious spyware websites, fake corporate and financial websites, and search engine placement ads to drive traffic to them. Phileas V has identified 527,136 such websites as I write, compared to a total of 427,000 at the end of March. It's hardly surprising then that the percentage of trojan-infected consumer PCs rose from 24% during the last quarter of 2005 to 31%. The most prevalent trojan, accounting for more than one million traces found by Webroot during scans, was Zlob. This in itself is very worrying, as Zlob is actually a trojan downloader that downloads further trojans and malware once it's installed. Zlob exploits users' apparent unquenchable thirst for free stuff by masquerading as a free media codec for Windows Media Player - you know the drill: you run across a free video stream online (probably of illegally pirated material) and to view it you need to download a new codec fast. Bad, bad, bad...
- How to sell more ebooks on Amazon
- 10 ways to make your business more secure
- Top five VoIP mistakes
- How to add in-app purchasing to an iPhone, Android or Windows app
- Remote-control ransomware: TeamViewer and software hardball
- Why laptops with serial ports matter to the Internet of Things
- Make your mobile battery last longer
- Small steps into handling Big Data
- Nexus 5: does it really run stock Android?
- How to get broadband to a garden office
- How to check your identity hasn’t been sold to the hackers
- Tim Cook: this is how much TV has changed since the 70s
- Westminster wins the .London battle
- 20 years of PC Pro: from deep pan pizza to virtualisation
- Five reasons why the Apple Watch leaves me cold
- Apple Watch, iPhone 6 and 6 Plus: Tim Cook's Apple back with a bang?
- BT Home Hub 5: how to get maximum speed
- 20 years of PC Pro: one-star reviews (including "the worst tablet we've ever seen")
- 20 years of PC Pro: our best covers
- Why we've closed the PC Pro forums
- Toshiba beats retreat from consumer PC market
- Ellison steps down: but who's really running Oracle now?
- Microsoft set to make more job cuts
- Is Peter Pan panto tickets email genuine? Oh no, it isn't
- Intel triples Xeon E5 chip performance, adds DDR4
- Patch Tuesday targets critical IE flaw
- Microsoft refuses to hand over customer emails
- Microsoft yanks Windows 8.1 update after crash reports
- Microsoft backtracks on blocking out-of-date Java
- Gartner: time to start planning your Windows 7 upgrade