Banking ID theft reaching epidemic proportions

The amount of malware aimed at financial identity theft is bigger than ever, Sean-Paul Correll, a threat researcher at PandaLabs, wrote Friday in a post on the PandaLabs blog of Panda Security.

“In 2007, we received more malware samples than in the previous 17 years combined,” Correll said. “Our forecasts for 2008 indicated that we would end the year with some seven or eight million malware strains. However, we actually ended up with over 15 million malware specimens.”

Anti-virus vendors are hard put to keep up with the pace of the threats -- many common solutions are becoming less effective against the malware ploys in circulation.

Obviously, the impetus behind this is financial -- not because of fame-craving virus writers.

“Today, there are huge illegal businesses behind this type of cybercrime, and criminal organizations are making a lot of profit from identity and data theft,” Correll said.

Much of the malware comes from affiliate systems built on cybercrime control systems that are for rent -- cybercriminals can pay to have their malware spread, and anyone can try their hand at the game.

“They have fully automated servers and web frameworks that they build or buy,” Correll told SCMagazineUS.com Friday. "These are mainly situated in the former Eastern bloc countries. They use the frameworks to generate massive numbers of files. Each time a URL is accessed, a new file is generated, which has to be manually processed by AV vendors.”