Kaspersky Lab releases its half-year report

24 Sep 2008
Virus News

Kaspersky Lab has released its half-year report; the first half of the report covers the evolution of malware, and focusses on the fact that virus writers are not concentrating on sophisticated technology, but rather focussing on quantity over quality. The authors of malicious code are moving away from creating multiple modules which interact with each other, preferring instead to implement multiple functions within one program. The number of Trojan programs designed to steal passwords to online games has also increased.

In terms of mobile malware, virus writers are choosing to specialize in Trojan programs for J2ME rather than attacking smartphones. Such programs are capable of running on almost any mobile phone, and send SMS messages which empty the user's account while filling the pockets of the Trojan authors.

In spite of the rapid increase in the number of threats, Kaspersky Lab analysts believe that the growth rate may slow or plateau out in 2008.

Today's antivirus industry must focus on the early detection of threats. While in the past it was possible simply to react to new threats in a couple of hours (or sometimes in a couple of days), now the window is counted in minutes. This means that antivirus experts have to identify new malicious code on the Internet – and this could mean at any point around the globe – analyse it, release protection, and deliver it to the end user.

The second half of the report addresses the issue of spam. During the first six months of 2008, the leading categories of spam were very familiar: "Medications, health goods and services"; "Education"; "Fake designer goods"; "Travel and tourism"; "Electronic advertising". Spammers are attempting to attract new clients by focussing on quality, and employing not only programmers, but marketing experts and designers to create spam messages.

It is likely that spammers will continue to experiment with html spam during the next half year while continuing to re-use some old methods.

A full version of the report can be found at viruslist.com.