According to PandaLabs' quarterly report on malware activity

Apr 6, 2009 08:25 GMT

PandaLabs has released its report (PDF) on the state of the threat landscape in the first quarter of 2009. The document reveals that spyware has been the second most prevalent type of malware, with a significant increase of 11% in distribution over the previous quarter.

PandaLabs is the anti-malware laboratory of Panda Security, a global provider of IT security solutions. It is an international network, which employs over 200 anti-virus engineers and spans more than 50 countries.

From the data compiled during January, February and March, the researchers have concluded that the predominant category of malware is Trojans, which account for 73.82% of all malicious applications. While this percentage is impressive, it actually represents a drop of 3.67% compared to the previous estimate.

"The most interesting aspect has been the considerable increase of spyware, almost eleven percent (10.57%) compared to the previous quarter," the PandaLabs analysts point out. This puts spyware in second place after Trojans, representing 13.15% of all malware detected during Q1 2009. Adware comes in third (8.83%), most likely because of the profitable (for cybercrooks) scareware schemes.

Even though Conficker and Waledac have been very active this year, the worms category only comes in 4th (3.25%), but this represents a rise over figures registered at the end of 2008. "Malware creators are still focusing heavily on hybrid worms-Trojans, with the aim of exploiting the characteristics of both these categories to the maximum," the researchers explain.

Digging a bit deeper into the data reveals that the top threat for Q1 2009 has been Spyware/Virtumonde, also known as Vundo, which has undergone some improvements recently. Interestingly enough, Conficker, the worm that has captured everyone's attention this year, only comes in 9th, being outranked even by variants of the soon-to-be 5-year-old W32/Bagle.

The report also provides some insight into the geographical distribution of active malware, namely malware that is actively running on computers, as opposed to dormant installers waiting to be run. By that measure, the country with the most infected systems, as determined by PandaLabs, is Taiwan (31.70%).

It is noteworthy that the former occupants of the second and third places, Spain and the United States, respectively, have been displaced by Turkey and Brazil. There's also an interesting development in Mexico, where malware has dropped by a significant 10% and currently amounts to 17.95% of all computers infected with active malware.

PandaLabs also takes a look at the spam landscape, but notes that there hasn't been any significant change in distribution during the past three months. It also goes on to present the most significant vulnerabilities discovered in 2009, as well as the most intriguing pieces of malicious code analyzed, where Conficker is obviously of particular interest.

While the report is mostly consistent with the expectations of the security community, as well as Panda's, for the beginning of this year, it most definitely makes an interesting read. We encourage you to take the time to check it out, as it contains a lot of interesting details that are beyond the scope of this article.