Malware Authors Crank Engines, Reach 20 Million Mark in 2010

A report by Panda Security found that 20 million new malware strains have been created this year, including more than a third of all active malicious programs.

Malware authors have been very busy this year.

How busy? According to Panda Security, 20 million new strains of malware have already been created this year-the same total as in all of 2009. The shortened lifespan of the malware combined with the increased number of variants demonstrates a shift in the cyber-crime landscape, where many variants are now being created to infect a small number of systems before they disappear, the vendor said.

"Since 2003, new threats have increased at a rate of 100 percent or more," said Luis Corrons, technical director of PandaLabs, the company's research arm, in a statement. "Yet so far in 2010, purely new malware has increased by only 50 percent, significantly less than the historical norm.

"This doesn't mean that there are fewer threats or that the cyber-crime market is shrinking," he said. "On the contrary, it continues to expand, and by the end of 2010 we will have logged more new threats in Collective Intelligence than in 2009. It seems hackers are applying economies of scale, reusing old malicious code or prioritizing the distribution of existing threats over the creation of new ones."

The average number of new threats created each day has reached 63,000 to date, the company said, a figure roughly the same as what was reported in recent research from McAfee.

Panda also found however that the average lifespan of 54 percent of malware has been cut to just 24 hours. Thirty-four percent of all active malware threats were created this year, the company said.

Some of those threats are undoubtedly infecting users via malicious Websites promoted through black hat search engine optimization (SEO) efforts. A report by CyberDefender Research Labs noted keyword combinations such as "Thanksgiving Lunch Invitations," "Thanksgiving Invitation Template" and "Thanksgiving Printable Invitations" were drawing malicious results.

Out of 50 search results for each of the three terms, roughly 20 directed users to infected URLs, the firm said. Waiting for the user is a fake antivirus scan page that tells the person they need an immediate scan of their PC, followed by a prompt to download malware.

"SEO attackers most likely to target holiday shopping keywords are those that push fake/rogue antivirus software aka scareware," said Sean Sullivan, security adviser for F-Secure. "Typically these types of attackers react to trending topics such as celebrity deaths and other newsworthy events. The holiday season and shopping-related searches offer these attackers a proactive set of topics to focus on. They know in advance what the likely trending topics will be."