Share

Related Links

Related Stories

  • Zeus gang hits 75 000 computers
    The same criminal gang that targeted government and military computers with its malware has also infected 75 000 computers in almost 200 countries with a virulent strain of the banking trojan, according to research from network monitoring company NetWitness.
  • Mozilla backtracks on add-on malware claim
    Mozilla has apologized for its existing apology concerning a malware-infected add-on for Firefox. Last week, the company reported that a second experimental add-on for the browser had been infected by malware. After working with McAfee, it now says that the detection was a false positive.
  • Research shows China was the internet’s largest malware source in January
    A report from security vendor Kaspersky Lab shows that malware originating from China topped its monthly report of digital pollution providers, broken down by country of origin, for January 2010.
  • Report shows a 70% surge in malware and spam on web 2.0 services
    Research just published by Sophos claims to show a 70% increase in the number of companies reporting spam and malware attacks via social networks.
  • Malware threat reports fail to add up
    The December malware threat reports are trickling in from vendors — and they all appear to be different. Fortinet, Sunbelt Software, and Kaspersky all published their lists of the most prevalent malware strains for the last month of 2009, but they didn't match up, leading to an admission that users will inevitably be confused by the results.

Top 5 Stories

News

Malware lifespan continues to shorten, says Blue Coat

30 March 2010

Malware adaptation rates are getting faster, according to a report from Blue Coat Systems. The average lifespan of malware dropped to two hours last year, from up to seven hours in 2007, it said, adding that this has had a significant effect on the effectiveness of software patches.

The Blue Coat Web Security Report 2009 said that malware is becoming more volatile on two fronts. First, multiple variations of the same malware threat are developed to circumvent antivirus scanners. Second, malware tends to move around quickly, so the URL filtering tools cannot block it indefinitely.

"In many instances, malware moves in as little as two hours because once a Web filtering solution identifies a URL as a malware host location, it doesn't matter if the code is updated," the report said.

That said, Blue Coat also reported a significant role for older malware. Although new malware made the headlines in 2009, such as Conficker and Gumblar, several existing threats including Netsky and MyDoom were far more prevalent, the company said.

Other discoveries included the fact that online storage and software download sites were the most frequent hiding places for web-based malware last year. The number of online storage sites grew over 200% in 2009 compared to 2008, the company said, making them a perfect deployment vector for malicious software.

The number of data collection sites and drop zones designed to harvest information from malware increased fivefold in 2009, which was largely down to redundancy in the drop zone infrastructure, according to the report. "This increases the likelihood that one or more of the URLs will remain undiscovered long enough for cyber criminals to retrieve stolen information," Blue Coat said.

This article is featured in:
Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×