Security labs cannot cope with volume of Internet threats


Luis Corrons, technical director of PandaLabs, Panda Software’s malware research laboratory, explained that there is currently more malware than ever and that it is designed to steal users’ money. Threat creators try to infect computers silently, creating a false sense of security. Consequently, many systems with up-to-date security solutions installed are infected.

Corrons said in an interview that Panda Software is carrying out an investigation to determine how many computers are really malware-infected. The company has created a website (http://www.infectedornot.com) where Internet users can scan their PCs with the new security applications NanoScan and TotalScan. Based on a ‘collective intelligence’ approach, these tools are able to detect much more malware than traditional antiviruses.

In the absence of major news on email-worms infecting millions of computers for some time, is the Internet safer?

“No way. This is due to a false sense of security among users,” explained Corrons.

“And that is precisely what malware creators are after. Their goal is no longer the notoriety of having caused the most destruction, but simply to make money. The safer users feel, the greater the chances of falling victim to threats designed to silently steal user names, passwords, credit card numbers, PINs, etc. This is what we call a ‘silent epidemic’.”

So then, what are the consequences of the ‘silent epidemic’?

“It is evident that the amount of malware circulating has increased,” explained Corrons. “For example, in 2006 we identified as many new samples as in the previous 15 years combined. Security laboratories cannot cope with the amount of Internet threats received daily. Consequently, it is very easy for computers with up-to-date security solutions installed to be infected.”

“Most frequent malware-types have also evolved. If up until 2006 email worms accounted for most new threats, in 2006 Trojans took the lead, being responsible for 53.65% of new malware samples. This is due to the fact that they are very useful for stealing confidential data or remotely controlling computers.”

Are traditional antiviruses not effective any more?

“They are not effective enough,” said Corrons. “There are so many new malware samples that security laboratories are overrun. Some malware is silent; it can go unnoticed for a considerable length of time. We are currently carrying out an investigation on our website http://www.infectedornot.com to try to determine to what extent users visiting it are infected or not by malicious codes.”

The website offers Internet users the new NanoScan and TotalScan tools. Based on a new ‘collective intelligence’ approach, they are able to detect much more malware than traditional antiviruses.

“This approach is based on three main factors,” explained Corrons. “The first is the collection of data from the community (Panda users, companies and collaborating entities). The second is automated data processing, where an expert system correlates the data received from the community with PandaLabs’ extensive malware knowledge base. The system automatically returns verdicts (malware or goodware) on the new files received, thereby reducing the tasks PandaLabs must carry out manually to a minimum.

“The last factor involves making the knowledge available. This knowledge is delivered to users as Web services or through signature file updates.”

Thanks to the new approach, both applications are able to detect malware samples that have bypassed other antiviruses on the computers of visitors to http://www.infectedornot.com.

What security measures should users take to avoid falling victim to an attack?

“Apart from having up-to-date security protection, it is vital to complement it with proactive technologies capable of detecting threats by analyzing their behavior,” Corrons said.

“For example, our proactive TruPrevent technologies have managed to detect nearly 100,000 samples of new unique malware since they were launched in July 2004.

“It is also convenient to use tools such as NanoScan or TotalScan periodically or before carrying out an online transaction that could endanger confidential files.”