Trojans accounted for 73% of all new malware created during the first few months of 2009, while the distribution of spyware has grown rapidly to 13,15%, up from just 2,5% in the previous quarter.
These are some of the findings of Panda Security's new malware report.
"We have seen a dramatic increase in the amount of spyware in circulation aimed, in all likelihood, at saturating laboratories and consequently infecting more users," says Jeremy Matthews, head of Panda Security's sub-Saharan operations.
In some cases, cyber-crooks have been successful, as in the case of the Virtumonde spyware, which infected more computers than any other malicious code in the first quarter of 2009. This malware combines aspects of adware and spyware, monitoring users' Internet movements, rigging search engine results and displaying advertising banners and pop-ups for some products.
Despite the notable growth of spyware, though, it is still way behind Trojans (31,51%) and adware (21,13%), in terms of the number of infections caused overall during this period.
The region with the highest percentage of active malware continues to be Taiwan (31,7%). Brazil and Turkey are also noteworthy. They occupy second and third place respectively, overtaking Spain and the US. Mexico, nevertheless, has witnessed a decrease in the amount of active malware (17,95%), dropping almost 10% compared to the 24,87% active malware average recorded for the whole of 2008.
Although it first appeared at the end of 2008, the Conficker worm has been the malicious code that has kept security companies busiest during the past few months, due to the large number of infections caused between December 2008 and January 2009. Moreover, there was considerable concern about its supposed reactivation on 1 April. However, until now, no new versions or additional infections have been detected other than those already associated to the previously active variants.
"It is still possible that at any moment one of the URLs created by Conficker on April 1 could be activated and the worm could download an update to its code or new malware. In any event, this would only affect users who are unprotected against Conficker,' says Matthews.