Cyber-criminals changed tactics in the last six months of 2007, with a steep
rise in malware as a tool for targeting computer users for profit, according
to Microsoft's newly-released Security Intelligence Report.
The report focuses on the second half of 2007 and uses data derived from a
range of tools running on approximately 450 million computers worldwide to
provide an in-depth, global view of software vulnerabilities, software
exploits, malicious software and potentially unwanted software.
Microsoft saw the number of Trojan downloader programs it removed from
Windows machines jump by 300 percent, said Microsoft SA's security expert
Colin Erasmus. These programs masquerade as legitimate pieces of software,
but once installed, they download malicious software such as spyware or
adware onto the victim's computer. They are typically installed via the Web.
The report showed an overall decline in new security vulnerability
disclosures by 15% for the second half of 2007 and a decrease in total
vulnerability disclosures by 5% for all of 2007. Vulnerabilities are
weaknesses in software that allow an attacker to compromise the integrity,
availability or confidentiality of that software.
The data also reveals a 300% increase in the number of Trojan downloaders
and droppers – malicious code used to install files on users' systems –
illustrating that the malware category continues to grow in popularity among
The report also shows a 66.7% increase in the number of potentially unwanted
software detections – programs that may impact user privacy or security by
performing actions the person may not want – between 1 July and 31 December,
with a total of 129.5-million pieces of potentially unwanted software found
"This latest report supports our position that today's threats continue to
be motivated by monetary gain, and it also gives us a solid view of
vulnerability and exploit trends," said Erasmus. "We're also seeing that as
system administrators become better at blocking threats, criminals are
shifting their attention to social engineering, where people are tricked
into giving details."
Other key findings from Microsoft's report included:
* The total number of malware items removed by Microsoft's tool was up 55%
from the first six months of 2007.
* Adware is still the most common form of unwanted software, and was up 66%
in the second half of the year to 34.3 million detections. The most common
piece of adware for the period was Win32/Hotbar, which installs a toolbar
that spews pop-up ads onto the PC.
* Up to 80% of phishing pages tracked by the Microsoft Phishing Filter were
in English, and there is a clear trend of phishing moving from e-mail onto
* Microsoft fixed fewer bugs in 2007 than in the previous year. The company
released 69 security updates, fixing 100 bugs in 2007 – a drop of 30% from
the 142 vulnerabilities it fixed in 2006.