View Full Version : The growth of malware

2008-01-25, 00:56
Wow... 'really sad. :sad:

- http://sunbeltblog.blogspot.com/2008/01/growth-of-malware.html
January 24, 2008 - "Interesting data from Andreas Marx at AV-Test.org. This chart shows the growth of unique samples (by MD5) per year...

Year # of unique samples (MD5) (Abbreviated list)
1985 564
1986 910
1987 389
1988 1,738...
2005 333,425
2006 972,606
2007 5,490,960

It's worth noting that these numbers are also increasing because of variants -- i.e. the same Trojan will be changed sometimes hourly or daily just to try and fool the scanners. So it's not like there's over 5 million unique pieces of malware. There are many that are variants of the same piece of malware. Nevertheless, this is a good representation of the staggering load of malware that anti-malware folks are under... A small platoon won’t win this war. You need a brigade."

> http://www.sunbelt-software.com/ihs/alex/malwaremd5charts.PNG


2008-03-02, 16:49

RBN "Rizing" report...
- http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20080301
1 March 2008 - "...Previous studies have suggested that the RBN has ties to nearly every area of cybercrime, including: phishing, malware, DDOS activity, pornography, botnets, and anonymization. In November 2007, media reporting indicated that a large portion of the RBN “went dark.” Since that time, the Shadowserver Foundation has been more closely analyzing outlying networks implicated as being associated with RBN... SecurityZone.org reported in early December 2007 that while not everything in TurkTelekom appears to be malicious, there are some ranges that are “particularly bad” and analysis of Shadowserver Foundation data agrees. Several subranges quickly stand out as being deeply involved in malicious cyber activity..."

(PDF document link at the URL above - outstanding report from Shadowserver. Great work!)


2008-03-16, 05:44

- http://www.av-test.org/index.php?lang=0&menue=2
2008-03-10 (March test results of Antivirus programs*)...
* http://sunbeltblog.blogspot.com/2008/03/march-test-results-of-antivirus.html
(From Andreas Marx of AV-Test.org) - "...The number of MD5-unique malware samples received by AV-Test.org increased from about 333,000 in 2005 to 972,000 in 2006, and 5,490,000 in 2007. During January and February 2008 alone we found more than 1.1 million samples spreading in the internet..."


2009-08-14, 17:13

1H 2009: Malware Threat Growth
- http://blog.trendmicro.com/1h-2009-malware-threat-grows-ever-larger/
Aug. 14, 2009 - "...in the first six months of 2008, the Trend Micro World Virus Tracking Center (WTC) recorded that 253.4 million systems were infected with malware. The comparable volume for 2009 is almost double at 491.2 million... AV-Test.org* has released their findings for the first half of the year recently... With more than a million new samples being seen every month, it’s likely that the overall number of unique samples will grow beyond 30 million. That should clearly illustrate the scale of the malware threat..."

(Charts available at the URL above.)

* http://www.av-test.org/numbers.php


2010-01-05, 20:19

2009 report Panda Labs - 25M new malware strains
- http://pandalabs.pandasecurity.com/2009-annual-report/
01/5/10 - "... the outstanding trend of the last 12 months has been the prolific production of new malware: 25 million new strains were created in just one year, compared to a combined total of 15 million throughout the rest of Panda Security’s 20-year history... some of the highlights of the report:
• PandaLabs identified more malware in 2009 than during the rest of its 20-year history
• Panda Security now has a knowledge base of 40 million samples, receiving an average of 55,000 new strains every day
• Banker Trojans and fake antivirus programs topped the threat ranking
• Social networks (Facebook, Twitter, YouTube or Digg) and SEO attacks were favored by cybercriminals for spreading malicious code
• Politically motivated cyber-attacks significantly increased throughout 2009..."

(Link to full PDF report available at the URL above.)


2010-07-08, 18:28

Malware at midyear: a Summary
- http://www.trustedsource.org/blog/438/Malware-at-Midyear-a-Summary
July 7, 2010 - "... With approximately 54,800 new samples arriving per day, the total size of our collection is almost 12 terabytes. At end of 2007, in contrast, and with only 5.8 million samples, the total size was only 1.1TB... Today when we quantify the malware world, the consensus is to use the number of unique files in our collections distinguished by their MD5 hash (or checksum). On June 30, we counted 43,337,677 unique binary files. Perhaps we’ll reach 54 million by the end of December."


2010-08-03, 23:08

2010-H1 malware trends - UP 50%...
- http://www.theregister.co.uk/2010/08/03/android_malware/
3 August 2010 - "... Sophos’ global network of labs received around 60,000 new malware samples every day in the first half of 2010, an average run rate of one new sample every 1.4 seconds per day every day. In the same period last year the rate was 40,000 samples per day. By that reckoning VXers have increased production by 50 per cent. Adobe came out a close second to Microsoft as hacker targets during the first six months of 2010, according to Sophos*. Booby-trapped websites and malware in e-mail, which has returned as a hacker favourite over recent months, remain security menaces to businesses. Hackers often use vulnerabilities to plant malware or -redirections- to hacking portals on legitimate websites. These tactics - along with the prevalence of free hosting providers in Europe that offer minimum setup times to business and hackers alike - resulted in France, Italy and the Netherlands all joining the top ten of malware hosting countries since the start of the year..."
* http://www.sophos.com/trmy10
(PDF file)


2010-08-10, 14:56

Q2 2010 - 10M new malware threats...
- http://newsroom.mcafee.com/article_display.cfm?article_id=3675
August 10, 2010 - "... malware has reached its highest levels, making the first six months of 2010 the most active half-year ever for total malware production... Malware continued to soar in Q2 2010, as there were 10 million new pieces cataloged in the first half of this year. Consistent with last quarter, threats on portable storage devices took the lead for the most popular malware, followed by fake anti-virus software and social media specific malware. With approximately 55,000 new pieces of malware that appear everyday, globally AutoRun malware and password-stealing Trojans round out the Top Two malware threats. After reaching its highest point in Q3 2009, with nearly 175 billion messages per day spam rates have hit a plateau... McAfee Labs saw a resurrection of two “dead” botnets. Storm Worm and Kraken, once considered to be among the biggest botnets on the planet, are again on the rise."


2010-09-13, 18:44

1,017,208 ...
- http://www.gdatasoftware.co.uk/about-g-data/press-centre/news/news-details/article/1760-number-of-new-computer-viruses.html
09. September 2010 - "... G Data has noted a general increase in malware this year: the number of new computer viruses has already reached a new record for the first half of 2010, with 1,017,208 malware programs. This represents an increase of 50 percent compared to last year. Experts at G Data SecurityLabs are predicting a record total of over two million new malware programs for 2010 as a whole... Trojan horses dominate the top 5 malware categories, with a share of 42.6%. A big part of this category is made up by bogus antivirus programs and ransomware. Malware such as downloaders and droppers retain second place with a steady share of 20.3%. In the past six months many types of new spyware have appeared. Many of these are part of banking trojans or keyloggers. Spyware is the biggest growing of all malware categories. Spyware enables attackers to steal access data, for instance to social networks. The proportion of backdoors has dropped in comparison to the last half of 2009, coming in fourth place with 12%. Cyber criminals use such viruses to gain remote access to computers. Last place in the top 5 goes to worms, with 53,609 malware programs..."
(Charts available at the URL above.)

3.5B malicious URLs...
- http://forums.spybot.info/showpost.php?p=385301&postcount=150


2010-11-17, 15:39

McAfee Threats Report - 2010-Q3
- http://www.mcafee.com/us/local_content/reports/q32010_threats_report_en.pdf
PDF file 5.3MB - pg. 5: "...we see on average about 6,000,000 new botnet infections per month..."

Total malware samples in the database
- http://i.i.com.com/cnwk.1d/i/tim/2010/11/17/mcafee-malware.png

Global SPAM volume
- http://i.i.com.com/cnwk.1d/i/tim/2010/11/17/mcafee-spam.png

- http://newsroom.mcafee.com/article_display.cfm?article_id=3708
November 17, 2010

- http://press.pandasecurity.com/wp-content/uploads/2010/11/evolution.jpg
Nov. 24, 2010


2011-01-08, 17:13

Malware - UP 34% in 2010...
- http://isc.sans.edu/diary.html?storyid=10240
Last Updated: 2011-01-08 03:47:35 UTC - "According to PandaLabs 2010 Annual Report, 'In 2010, have created and distributed one third of all viruses that exist. These means that 34% of all malware ever created has appeared... in the last twelve months.' They have noticed a rise in malware distributed via popular social media like Facebook and Twitter as well as Linkedln and Fotolog. Activist attacks have been on the rise as well including coordinated DDoS against popular websites in support of Wikileaks..."
* http://press.pandasecurity.com/wp-content/uploads/2010/05/PandaLabs-Annual-Report-2010.pdf

Panda - summary:
- http://pandalabs.pandasecurity.com/pandalabs-annual-report-2010/