New research shows that as much as 52% of the 37 000 samples of new viruses and other types of Internet threats released each day try to infect users for just 24 hours – reducing their chances of being picked up by security software. After this, they become inactive and harmless as they are replaced by other, new variants that join the list of new specimens in circulation.
“This is because hackers want to profit financially from malware,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “To do this, they try to ensure their creations go unnoticed by users and security solution vendors.”
Matthews says that just 24 hours after hackers put any strain of malware into circulation, they will modify its code so that it can continue to spread without being detected by security companies.
This explains the significant increase in the number of new threats detected by Panda, which leapt from a total of 18-million in the 20 years from the company’s inception until 2008 to 30-million by 31 July 2009.
“Malware detection is a never-ending race,” says Matthews. “We have to wait until we get hold of the malware they have created to be able to analyse, classify and combat it. In this race, vendors that work with traditional, manual analysis techniques are too slow to vaccinate clients, as the distribution and infection span is very short.”