Symantec report shows huge growth in malware

The amount of malicious code activity continued to grow at a record pace throughout 2008, primarily targeting computer users’ confidential information, warned Symantec.

In its Internet Security Threat Report Volume XIV, the security company said cyber criminals are increasingly using customised toolkits to create malware, but it had blocked, on average, more than 245 million attacks last year.

In order to do this, Symantec identified more than 1.6 million new signatures; this is over 60 per cent of the total malicious code signatures ever created by the company.

The report noted that web surfing remained the primary source of new infections in 2008; nine in 10 of the new threats detected by Symantec during the study period attempt to steal confidential information.

Websites that downloaded malware with a keystroke-logging capability, which can be used to steal information such as online bank account information, made up 76 per cent of threats to confidential information, up from 72 per cent in 2007.

Marc Fossi, the report’s executive editor said: “The unfortunate reality is that innocent web surfers can visit a compromised website and unknowingly place their personal and financial information at risk. Computer users have to be extra vigilant about their security practices.”

Phishing attacks were up 66 per cent on 2007, with financial services accounting for over three-quarters of the lures to con consumers. Despite efforts to curb spam, it continued to grow and was up 192 per cent on 2007’s figures. Most of the spam (90 per cent) sent in 2008 was sent out by botnets.

Even the shutdown of two US-based botnet hosting outfits only briefly stemmed the flow as the criminals swiftly bounced back.

Symantec’s Internet Security Threat Report is derived from data collected by millions of Internet sensors, first-hand research, and active monitoring of hacker communications.

The study period for the report covers January to December 2008. It reported that web-based attacks originated from countries around the globe.

The majority came from websites based in the United States (38 per cent), followed by China (13 per cent) and the Ukraine (12 per cent). However, countries in Europe and the Middle East Africa accounted for 45 per cent of the worldwide total, more than any other region.

Symantec said this was because there is a huge growth in new websites going online and security may not be strong.

The report also warned that the Conficker worm remains a serious problem. By the end of 2008, more than one million individual computers had been infected; this has grown rapidly to more than three million during the first quarter of 2009.