Counting Badness

Following up on the recent post by my colleague Dave Marcus concerning malware growth, the guys from AV-Test in Germany just released their updated stats. To avoid confusion when comparing the different numbers, here’s a quick explanation of the different counts:

AV-Test counts unique binaries. Unique means different cryptographic hashes. So the same Trojan, obfuscated with 10 different packers, results in 10 unique binaries. This is often due to the impact of server-side polymorphism, where you get a unique binary every time you download a file.

Our outbound counting, as used by Marcus, counts the threats for which we have to create a driver for detection. If in the example above we are able to look beneath the obfuscation layer of the packers, the 10 different binaries would be counted as just one Trojan. In addition to that, we frequently use generic detection, in which a single count could hit on thousands of minor variants.
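The three ways of counting described above, run over a small constructed corpus. This is an added example, not code from the original post, from AV-Test, or from the author's lab; the XOR `pack`/`unpack` layer, the harmless sample bodies and the signature strings are assumptions standing in for real packers and detection drivers.

```python
import hashlib

# Constructed, harmless stand-ins for two Trojan bodies (not real malware).
TROJAN_A = b"FAMILY-A:core-logic|cfg="
TROJAN_B = b"FAMILY-B:core-logic|cfg="

def pack(body: bytes, key: int) -> bytes:
    """Toy 'packer' (assumption): 1-byte key header + body XORed with the key."""
    return bytes([key]) + bytes(b ^ key for b in body)

def unpack(sample: bytes) -> bytes:
    """Look beneath the toy obfuscation layer: undo the XOR using the header."""
    key = sample[0]
    return bytes(b ^ key for b in sample[1:])

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def count_unique_binaries(samples):
    """Hash-based counting: one count per distinct cryptographic hash."""
    return len({sha256(s) for s in samples})

def count_after_unpacking(samples):
    """One count per distinct body once the packer layer is removed."""
    return len({sha256(unpack(s)) for s in samples})

def count_generic(samples, signatures):
    """Generic detection: one count per signature that hits any unpacked body."""
    bodies = [unpack(s) for s in samples]
    return len({sig for sig in signatures for b in bodies if sig in b})

def build_corpus():
    # Same Trojan A behind 10 different packer keys -> 10 distinct binaries.
    corpus = [pack(TROJAN_A + b"0", key) for key in range(1, 11)]
    # Three minor variants of Trojan B (only the config differs), one key.
    corpus += [pack(TROJAN_B + str(i).encode(), 7) for i in range(3)]
    # An exact duplicate download adds a sample but not a new hash.
    corpus.append(corpus[0])
    return corpus

if __name__ == "__main__":
    corpus = build_corpus()
    print("samples:", len(corpus))
    print("unique binaries:", count_unique_binaries(corpus))
    print("after unpacking:", count_after_unpacking(corpus))
    print("generic signatures hit:",
          count_generic(corpus, [b"FAMILY-A:", b"FAMILY-B:"]))
```

The same 14 samples yield three different totals depending on the method, which is why figures from different sources cannot be compared directly.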

Now that the different ways of counting may be a bit clearer, let’s look at the bad news:

AV-Test’s count has come close to 22,000,000 samples in June.


This by itself is disturbing, but the really disturbing trend is visible when we look at the growth month over month:



Copyright © 2010 The Security Blog. All rights reserved.