March 05, 2008
—
CSO
—
By Katherine Walsh
Trojans have surpassed downloaders as the most common form of malware, but it is becoming increasingly difficult to distinguish different categories of malware, according to new research by X-Force, the vulnerability and threat research arm of IBM Internet Security Systems.
In its analysis of 410,000 malware samples collected during 2007--one-third more samples than were collected the year before--X-Force found that Trojans (malware posing as legitimate files) represented the largest category, with 26 percent of all malware. This is in contrast to 2006, when downloaders (which exist to install more sophisticated pieces of malware) were the most common category, followed closely by Trojans and worms.
This year, worms comprised the second largest category of malware, with 16 percent, but still fell far behind Trojans. The number of downloaders has decreased significantly from 2006 levels.
However, even as researchers presented a breakdown of malware types that adds up to 100 percent, they noted that it is increasingly difficult to distinguish one category from another. Malicious coders are combining successful techniques from different types of attacks, the report said, calling modern malware “the digital equivalent of the Swiss Army knife.” For example, X-Force lists separate but small categories for rootkits, keyloggers and spyware, which spread through many of the techniques called out in other, larger categories.
The most frequently occurring Internet malware in 2007 was Trojan.Win32.Agent: 26, which accounted for 24 percent of all Trojans. The most common worm was the Net-Worm.Win32Allaple, a family of polymorphic worm that propagates by exploiting Windows vulnerabilities.
Frequency breakdown of various types of malware:
Trojans: 26 percent
Worm: 16 percent
Adware: 14 percent
Virus: 12 percent
Downloader: 10 percent
Password stealer: 6 percent
Dialer: 6 percent
Backdoor: 6 percent
Other: 4 percent
Keylogger: 0.357 percent
Rootkit: 0.277 percent
Spyware: 0.075 percent
The full report is available as a PDF from IBM’s website.
Associate Staff Writer Katherine Walsh can be reached at kwalsh@cxo.com.
--
The comment field below does not work. Please send your feedback directly to the author.
Data Center Directions Virtual Conference
Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.
The Surest Path to Effective and Efficient Compliance
In this webcast, we explore why and how — with best practices, practical tips and solutions that work — to ease your compliance challenge.
Prudential Financial Protects its Brand with Symantec Data Loss Prevention Solutions
FORTUNE 100 insurance leaders rely on Symantec.Information Security: Data Drains and How to Prevent Loss
Do you know where your confidential data is?Data Loss Prevention: Keeping Sensitive Data Out of the Wrong Hands
Learn what the thought-leaders at PricewaterhouseCoopers have to say.7 Requirements of Data Loss Prevention
Incorporate best practices from many companies using DLP solutions.Ponemon Study: How Much Does a Data Breach "Cost"?
35 U.S. organizations that lost confidential information and had a regulatory requirement to publicly notify affected individuals are studied in this report.
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
Data Loss Prevention
-
November 13, 2008The Roosevelt HotelRegister now »
New York, NY 10017
(ISC)2 members can earn up to 6 CPE Credits
Reference priority code ONLINE and attend this program as our guest — that's a $295 savings!
