Share

Related Links

Top 5 Stories

News

Malware lifespan continues to shorten, says Blue Coat

30 March 2010

Malware adaptation rates are getting faster, according to a report from Blue Coat Systems. The average lifespan of malware dropped to two hours last year, from up to seven hours in 2007, it said, adding that this has had a significant effect on the effectiveness of software patches.

The Blue Coat Web Security Report 2009 said that malware is becoming more volatile on two fronts. First, multiple variations of the same malware threat are developed to circumvent antivirus scanners. Second, malware tends to move around quickly, so the URL filtering tools cannot block it indefinitely.

"In many instances, malware moves in as little as two hours because once a Web filtering solution identifies a URL as a malware host location, it doesn't matter if the code is updated," the report said.

That said, Blue Coat also reported a significant role for older malware. Although new malware made the headlines in 2009, such as Conficker and Gumblar, several existing threats including Netsky and MyDoom were far more prevalent, the company said.

Other discoveries included the fact that online storage and software download sites were the most frequent hiding places for web-based malware last year. The number of online storage sites grew over 200% in 2009 compared to 2008, the company said, making them a perfect deployment vector for malicious software.

The number of data collection sites and drop zones designed to harvest information from malware increased fivefold in 2009, which was largely down to redundancy in the drop zone infrastructure, according to the report. "This increases the likelihood that one or more of the URLs will remain undiscovered long enough for cyber criminals to retrieve stolen information," Blue Coat said.

This article is featured in:
Internet and Network Security  •  Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×