During 2009, PandaLabs, the anti-malware lab of Panda Security, identified 25 million new malware samples, according to Panda Security's Annual Malware Report, released Tuesday. Before 2009, PandaLabs had identified a total of 15 million pieces of malware in 19 years.Cybercriminals have developed tools to automate the process of replicating malware, allowing them to quickly create several thousand variants of the same malware file, Sean-Paul Correll, threat researcher at PandaLabs, told SCMagazineUS.com on Tuesday. In some cases, they also sell these services to others.
“Cybercriminals have figured out that they can saturate anti-virus labs by creating millions of samples,” Correll said. “By doing that they can slow down the response times and their infection ratio would be more successful.”
Currently, more than 40 million pieces of malware have been identified by PandaLabs and 55,000 new samples are being identified each day on average, the report states. Trojans are the most predominant type of malware, making up 66 percent of all samples identified by PandaLabs in 2009.
“The biggest threat in the malware landscape right now is banking trojans,” Correll said.
Banking trojans, such as the notorious Zeus trojan, are popular because they allow cybercriminals to obtain victims' online banking credentials which can result in fast cash.
One of the primary malware distribution methods in 2009 was through social networking sites, such as Twitter, Facebook and YouTube, a trend that will carry over this year, Correll says.
“Given the increase in malware samples, end-users are going to have to pay more attention to security threats in 2010 and get as much education as they can,” Correll said.
End-users should be especially careful of where they click on social networking sites, he added.
“Anything can be a potential attack vector,” Correll said.