Looks like Microsoft released its Malicious Software Removal Tool a couple of years ago, with it they included a way to track the number and types of Malicious Software that the hackers are releasing upon us.
And the Malicious Software Removal Tool has uncovered some alarming statistics, for the first half of 2007 it detected 31.6 million phishing scams, an increase of more than 150% over the last half of 2006. In addition a 500% increase in Trojan downloaders and droppers, software that installs Trojans, password stealers, keyboard loggers and/or other malware on victims' systems. Also increasing, a growing number of backdoors—a category that includes bots and that the company referred to as an increasing threat to instant messaging users.
In his keynote speach at RSA Conference Europe in London on Oct. 23, Ben Fathi, corporate vice president of development for the Windows Core Operating System Division at Microsoft, presented these results of the Microsoft's latest bi-annual survey.
Brendon Lynch, Microsoft's director of privacy strategy, told eWEEK in an interview called Attacks Aimed at Personal Data Soar, that the findings just confirm what security professionals have been realizing for some time:
"Critical information is a very valuable resource, for the businesses that use it to the consumers [who] get personalized services, and also [it's] valuable to criminals—it's the currency of crime online," he said. "That's what they're targeting, to hijack accounts with fraud and the like."
Microsoft found that the large increase in personal data thievery—including backdoors/bots/password stealers/keyloggers—during the first half of 2007 was due almost exclusively to one family of malware, Win32/IRCbot, which accounted for 81 percent of all backdoor detections in Windows Live Messenger. Trojan interception rate also surged, with MSRT picking up 5.9 million downloaders and droppers, up from 960,000 in the previous six months.
How much of this is due to increasing malware and how much is due to Microsoft refining the detection capabilities of MSRT is up for debate.
"The quality of detection is going to of course affect these numbers," Lynch said. "As we continue to improve the quality [of the tool's capabilities] there's [going to be more threats detected]. We don't believe that's the whole thing, though."
Rich Mogull, an independent security consultant, founder of Securosis LLC and former Gartner analyst, said that Microsoft is, in fact, getting better at detection, but there "really is more phishing."
"It also doesn't matter," he said in an e-mail exchange. "It's so bad now that those that can't filter and manage it to a reasonable level can't effectively use e-mail anymore anyway."
As far as the 500 percent increase in Trojans goes, Mogull has faith in Microsoft's figures. "We do know that Trojan and other malware kits are far more available and in active use," he said. "I strongly suspect that the 500 percent increase is a combination of more malware and better detection. … MSRT definitely needed to improve detection, but most of the stats I've seen are supporting big increases, if not at the levels MSRT is reporting."
MSRT removed malware from one out of every 217 computers it scanned in early 2007, compared with one out of 409 in late 2006 and one out of 359 in the second half of 2005. Microsoft said the increases are likely due to improvements in MSRT along with the addition of highly prevalent families, such as Win32/Renos, Win32/Stration and Win32/Alureon. Some families MSRT has detected—Win32/Hupigon, Win32/Bancos and Win32/Banker—target data theft and banking information.
The report also noted that the number of new software vulnerabilities remains large, with 3,400 new zero-days disclosed in the first half of the year. That number was down from 2006, however, which marks the first-ever decline in total vulnerabilities since 2003.
Classic e-mail worms continue to shrink in significance: They dropped to 49 percent of total malware detected in e-mail. Phishing scams increased, however, from 12.4 million in the second half of 2006 to 31.6 million in the first half of 2007. E-mail containing malicious iFrame attacks accounted for 27 percent of e-mail malware in the second half of 2006, rising to 37 percent six months later.
Microsoft found that machines running Vista and Windows XP SP2 had "significantly" lower infection rates than older Windows operating systems.
Lynch said that this was due to stronger security controls and features—for example, Vista asks users to OK downloads—as opposed to the fact that Vista isn't widely adopted yet and therefore still hasn't been as attractive a focus for malware authors.
"[The comparison was] done on a comparable basis, so it was like for like," he said.
As I have said repeatably in this blog, the time has come government to step forward and write some comprehensive legislation to protect the American public from these security breaches, if not the day will come soon where these attacks will effect all of us.Sphere: Related Content