Security vendors are warning in recent reports that the threat posed by malware continues to spiral upwards. Kapersky Lab analysts have warned that in 2008, they expect a ten-fold increase in the number of malicious programmes – an increase of more than 20 million on the previous year. The company has also reported that the number of new malicious programmes recorded on the Internet, including viruses, worms and Trojans, amounted to just over 2.2 million – which itself represented a four fold increase on 2006.
Kapersky Lab detected an overall volume of malware of 354GB in 2007 and warns that, in addition to the quantity increase, the quality of malicious programmes is improving. New and more complex samples, such as the notorious Zhelatin, or Storm Worm, are emerging that demonstrate a wide range of hostile behaviour and distribution methods.
Rival companies also acknowledge the unabated rise of malware. MessageLabs, while reporting that the Storm botnet has dramatically decreased to just 5% of its original size, has found that web-based malware in general has increased by 23.3%.
MessageLabs attributes the sudden reduction in Storm-infected machines to the introduction of new malicious software removal tools that are aimed at removing Storm infections. Storm-infected machines are now estimated at approximately 100,000 compromised computers, down from a previously estimated two million.
However, whilst the Storm botnet decreased in size, analysis of web-based malware identified that 36.1% of interceptions in April were new, an increase of 23.3% since March. MessageLabs also identified an average of 1,214 new websites per day harbouring malware and other potentially unwanted programs such as spyware and adware, an increase of 619 per day compared with the previous month.
“April was a month of unpredictability with the mighty Storm botnet losing all but 5% of its anonymous army and web-based malware reaching new levels,” said Mark Sunner, chief security analyst, MessageLabs. “This month we find ourselves fighting the cybercrime battle on many fronts, with the bad guys using an arsenal of weapons in order to detonate spam, viruses, phishing attacks and targeted Trojans, making it more important than ever to have a strong security shield in place.”