The number of malware detections in 2006 was 172 percent up on 2005 according to the recently-released PandaLabs 2006 Annual Report.


This alarming trend is set to continue because although massive infections caused by a single virus have practically disappeared, complex multiple malware variants now silently infect the computers of millions of naïve users still using conventional – and now outdated – antivirus technologies.

“Most users have a false sense of security, believing there are no dangerous threats. In actual fact, there is now more malware than ever. PandaLabs detected the same amount of malware last year as in the previous fifteen years combined,” says Jeremy Matthews, MD of Panda Software SA.

Hybrid malware, such as the fusion between Trojans and rootkits, is set to increase dramatically as the year progresses. Trojans have now become the most popular type of malware because they spread silently and are therefore ideal for targeted attacks.

Spyware – and more specifically adware – is now widely distributed. This is mainly because the malware conceal themselves as part of other legitimate programs and that users do not consider them dangerous. Adware creators are therefore exploiting the situation and reaping the benefits.

On bots, Matthews explains: "As firewalls evolve and port monitoring improves, bot herders are having to control their creations using alternative means, such as P2P networks. It is therefore more difficult to detect botnets since they are more diffuse, unlike the current ones which are usually more centralised.”

The motivation of cyber-crooks continues to be financial. It is now possible on the Internet to buy any number of malicious tools, from kits for creating phishing web pages to vulnerability exploits or services for creating Trojans. This black market is now said to be worth more than the entire anti-malware industry.

According to PandaLabs, spam rates will continue to be high this year, since people are still buying what is advertised in the emails.

Social engineering will continue to cause problems too.

Matthews explains: “The fact that malware still spreads using false emails related to Valentine’s Day or Christmas, reveals the need for technological solutions capable of detecting malware in the emails received every day.”