Malicious activity still growing, Symantec warns

Security firm's 14th Internet Security Report claims web-based attacks are rocketing, with the underground economy raking in the cash

Malicious code activity grew at a record pace throughout 2008 according to Symantec’s latest Internet Security Threat Report.

Symantec claimed it created more than 1.6 million new malicious code signatures in 2008, which equals more than 60 per cent of the total malicious code signatures ever created by the vendor. These codes helped the security giant block an average of 245 million attempted malicious code attacks each month during the past year.

A worrying 90 per cent of all threats detected by the report attempted to steal confidential information. Threats with a keystroke-logging capability made up 76 per cent of threats, although web surfing remained the primary source of new infections in 2008.

According to Symantec, the market for selling confidential data – particularly credit card and bank account details – is thriving, with prices falling as low as the cost of a can of Coke for some details.

Guy Bunker, chief scientist at Symantec, said: “This recession-proof ‘underground economy’ is reaching such a level of growth and maturity that there are signs of a price war developing, as online criminals find it increasingly easy to steal private details, and barter to sell them for bargain prices. As the ‘legitimate’ world economy spirals downwards, the underground economy has never been healthier.”

Web-based attacks came from all corners of the globe, with the US accounting for 38 per cent of attacks, China for 13 per cent, Ukraine 12 per cent, with EMEA region countries accounting for a combined 45 per cent of the worldwide total.

Phishing continued to flourish, with more than 55,000 phishing web site hosts in 2008 – a 66 per cent increase on the previous year. The volume of Spam also continued to grow, with 349.6 billion spam messages sent in 2008, compared to 119.6 billion in 2007.