BBC News
watch One-Minute World News
Last Updated: Friday, 8 February 2008, 09:11 GMT
Malicious programs hit new high
Graph showing the growth of malicious programs, BBC
The numbers of malicious programs have reached "epidemic" proportions

The number of malicious programs found online has reached an unprecedented high, say security firms.

Reports vary but some estimates suggest there were five times as many variants of malicious programs in circulation in 2007 compared to 2006.

Security company Panda Software said it was getting more than 3,000 novel samples of so called malware every day.

Criminals pump out variants to fool anti-virus programs that work, in part, by spotting common characteristics.

Threat landscape

Security software testing organisation AV Test reported that it saw 5.49 million unique samples of malicious software in 2007 - five times more than the 972,606 it saw in 2006.

AV Test reached its total by analysing malicious programs and generating a digital fingerprint for each unique sample.

The organisation said the different ways malware can be packaged will mean some duplication in its figures, but the broad trend showed a steep rise.

The organisation uses the samples to test security programs to see how many they can spot and stop.

Panda Software said the number of malicious samples it received in 2007 was up ten fold on 2006. In a statement it said the rise represented a "malware epidemic".

Finnish security firm F-Secure said it had seen a doubling in the number of pieces of malware it detected in 2007 compared to 2006.

Most of the malicious programs detected by these security organisations are aimed at the various versions of Microsoft's Windows operating system.

The vast majority of these unique malicious programs will be made up of elements from older viruses that have been scrambled to look fresh.

"It started about nine months ago, in early 2007, we saw massive surges of new variants," said Gerhard Eschelbeck, chief technology officer at anti-spyware firm Webroot.

"There are days when we see 1,000 or more new samples," he said.

"It's a low-effort high-frequency type threat," he said. "There's no completely ground-breaking new stuff out there."

He added that hi-tech criminals were adopting several tactics to avoid being spotted by anti-virus programs which try to spot the "signature" of each malicious program they know about.

"Anti-virus relies on customers to submit samples," said Mr Eschelbeck, "but with spyware you typically do not get samples because your customers do not know they are infected."

Increasingly, security firms have turned to new techniques to combat the rise in malware variants. Some use heuristics, or rules of thumb, to spot programs that are similar rather than identical to the ones they have seen before.

Others are using behaviour blockers that shut down any program that shows malicious intent.

Boom times for hi-tech criminals
02 Jan 08 |  Technology
Net gains for credit card thieves
30 Mar 07 |  Technology
PC stripper helps spam to spread
30 Oct 07 |  Technology
Net criminals shun virus attacks
20 Jul 07 |  Technology
Google searches web's dark side
11 May 07 |  Technology
Staying safe without anti-virus
09 Mar 07 |  Technology

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Americas Africa Europe Middle East South Asia Asia Pacific