Researchers say malware is exploding because malware writers are making money
According to data from McAfee Avert Labs, the monitoring and research arm of security vendor McAfee Inc. (NYSE: MFE), malware attacks are growing at astronomical rates and it’s happening for one simple reason: the malware writers are making money.
Data from McAfee indicates 245 per cent growth in the number of malware being developed from 2006 to 2007, with a further 300 per cent growth projected from 2007 to 2008. And year to date, McAfee said the amount of malware generated has already surpassed 2006 and 2007 combined.
“Cyber crime has completely altered the landscape we’re dealing with today,” said Dave Marcus, director, security research and communications for McAfee Avert Labs. “All the malware we’re seeing today is driven 100 per cent by money, and is designed to harvest information we’re going to see sold on the underground.”
Marcus said there’s a fully developed underground system that has developed, almost a malware industry. One group discovers the vulnerabilities, another writes the code to exploit them, another spreads and distributes the code, then another gathers the results and sells them on the open market.
Most malware today is password-stealing trojans designed to steal usernames and passwords, usually banking information. Usually malware developers won’t loot the accounts themselves, said Marcus, but rather sell the information to a third-party for a premium, a phenomenon known as credit card dumping.
Increasingly, said Marcus, social networking is being used to spread malware, and Web 2.0 is fast becoming a malware writer’s best friend. Sites such as Facebook and MySpace are bring “used and abused,” said Marcus, as a platform to send malware out into the wild.
“Facebook is commonly used for the same thing. These sites solved one of the big problems malware writers had: how do they get their malware out to you,” said Marcus. “It’s more important than ever that our technology keeps pace with these kinds of threats, because everything is being distributed through Web 2.0 sites these days.”
It’s not just social networking sites being targeted, said Marcus. Gaming sites are an increasing target as well. With whole economies developing around online games such as World of Warcraft, through the selling or trading of objects and levels, malware writers are taking note. Also, as people tend to reuse the same username/password combination for numerous logins, if malware writers get it once they can exploit it elsewhere as well.
“The amount of malware is being written because of the amount of money they can steal, and because they can do it with impunity, with very little likelihood of being caught,” said Marcus.
McAfee is hoping to give people the tools to fight back with its recently released 2009 line of consumer-level security software. Madhurima Pawar, senior product manager in McAfee’s consumer strategy and marketing group, said McAfee’s goal with its 2009 line was to be instant, silent, and complete.
Pawar touted McAfee’s speed of updates, promising instant definition updates for new threats compared to five to 15 minutes for rival Symantec. Also new is Active Protection. If a file passes the local database but is still deemed suspicious, a fingerprint is taken and is pinged against McAfee’s backend server. The process will be seamless for the user, promised Pawar.
“This is how we’re ensuring with our 2009 product line we’re delivering the latest updates, thus keeping them protected at all times.”
Work has also been done to make the software less intrusive to the user, and less of a drain on system resources. Pawar said McAfee has been able to achieve a 13 per cent performance improvement when running a full system scan over its 2008 edition.
A new edition to McAfee’s Site Advisor tool is McAfee Secure. Designed to protect customers from identity theft and credit card theft while shopping online, Secure is a trustmark that will appear next to the ratings of sites that have been re-checked daily by McAffee as threat-free.
McAfee offers three levels of consumer products: VirusScan Plus, Internet Security, and Total Protection. All are available now through the McAfee channel.