Malware Is Their Business…and Business Is Good!
Wednesday July 22, 2009 at 9:05 am CST
Posted by David Marcus
I cribbed the title from Megadeth–I admit it. However, when looking at this year’s growth in malware it seems disturbingly appropriate. Global economic downturn or not, malware production continues at a record-setting pace because this is how many cybercriminals make their money. (Malware long ago stopped being about fun and bragging.)
We at Avert Labs have seen almost as much unique malware in the first half of 2009 as we did in ALL of 2008. This is quite something when you consider that in 2008 we saw the greatest ever growth in malware:
For you math and data junkies that comes out to an average of 200,000 unique pieces monthly or more than 6,000 daily. Yep–that was over 6,000 on a daily basis. Bear in mind these are malware we consider unique (something we had to write a driver for) and does not count all the other malware we detect generically or heuristically, but we will save that discussion for another post. When you add in the generic and heuristic detections the number becomes truly mind boggling.
Even when compared to the first half of 2008, the growth is almost three times what it was. The sheer growth is even challenging Moore’s Law a bit.
Our latest whitepaper, Financial Fraud and Internet Banking: Threats and Countermeasures, explains how much of this malware can be used to scam and steal from users. The new whitepaper was written by one of our French researchers, François Paget. It can be found here.
There are many reasons why malware continues to grow, but it is mainly a criminal’s game at this point. Malware steals data. The people who write and distribute malware are criminals. Pretty plain and simple to me. The tools and code are readily available and that will certainly not change, but (and this is important) it is also definitely NOT doomsday. Staying educated and updated goes a long way toward safe computing.
July 22nd, 2009 at 10:31
I’m curious as to what your methodology is to distinguish a malware sample as unique? Are we talking a different hash of the binary, unique bot builds, unique bots?
July 22nd, 2009 at 16:51
I think someone should create vaccines with a “virus like mobility”, even if it means that my computer will become a battle field. Those vaccine agents may change the graphics. It would make the security programs shift from defensive-passive to a lot more aggressive and more interesting field.
July 22nd, 2009 at 22:49
[...] per a recent report by Avert Labs, malware has grown more than 3 times when compared with the first half of 2008 and 2009. The report [...]
July 23rd, 2009 at 05:08
Thank you for these interesting statistics. And btw, nice also to see there are Megadeth fans out there…
July 23rd, 2009 at 06:40
New Malware is Flooding the Computer World…Fast…
David Marcus, from McAfee Avert Labs, wrote an article yesterday entitled "Malware is their Business…and Business is Good!" In this article (the title is a reference to Megadeth’s debut album), Marcus provided some absolutely chilling sta…
July 23rd, 2009 at 23:57
[...] tootja Mcafee teatab, et on 2009 esimese poolaasta jooksul leidnud ca 1.2 milljonit ühikut uut pahavara. See [...]
July 24th, 2009 at 06:10
I second Matthew’s questions.
July 24th, 2009 at 08:03
mainly unique hashes (which includes as properties much of what you stated in your comment) normailizing out duplicates and so on…..
July 24th, 2009 at 08:47
[...] of their own regarding the growth in new attacks (and the subsequent need for new signatures) via a blog post by McAfee Avert Labs. In that post, McAfee says that the number of new attacks is three times the [...]
July 24th, 2009 at 10:30
[...] Following up on Dave’s recent post about Malware Growth, the guys from AV-Test in Germany just released their updated stats. To avoid [...]
July 28th, 2009 at 04:16
[...] added in 2008 total. That equates to just about 9,000 new signatures a day. McAfee noted in an entry in their Avert Labs blog that they were writing over 6,000 new signatures a day and they don’t count what is caught by [...]
August 26th, 2009 at 05:09
[...] is raining sideways more than ever. McAfee Avert Labs noted in a recent blog post that they see 6,000 new malware instances per day that pass through their signatures, generic [...]
September 21st, 2009 at 15:30
[...] was needed to deal with the astronomical growth in malicious software and the rate at which malware keeps coming at us today. The traditional signature-based approach no longer [...]
September 24th, 2009 at 04:52
[...] of malware designed to steal your passwords increased 400 percent. In the first half of this year, malware growth nearly surpassed the entire quantity created in 2008. The danger to your passwords has never been greater. This [...]
November 5th, 2009 at 10:00
[...] Marcus, David, “Malware is their Business…and Business is Good!” http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is... [...]
December 12th, 2009 at 04:03
[...] up on the recent post by my colleague Dave Marcus concerning malware growth, the guys from AV-Test in Germany just [...]
December 12th, 2009 at 04:06
[...] of malware designed to steal your passwords increased 400 percent. In the first half of this year, malware growth nearly surpassed the entire quantity created in 2008. The danger to your passwords has never been greater. This [...]