Malware writers have preserved their focus on web-based attacks while actively looking for new ways to disseminate their products, according to a new survey by BitDefender.

The survey showed that there is an increase in a wide range of threats, from the exploitation of international news events to higher levels of spam being spread through social networking platforms aiming to curb marketing costs in a down economy.

Over the last six months, malware writers continued to infect computer users to receive direct financial gain or to take control over their machines, while cyber-criminals are motivated by pay-per-click fraud.
Malware authors frequently tamper with autorun.ini script in removable storage device to launch miscellaneous malicious applications, according to BitDefender.

During the last six months, the most active countries in terms of malware propagation were China, France and the US, followed by Australia, Romania and Spain.

Vlad Valceanu, head of BitDefender Antispam Research Lab, said: “In the second half of 2009, we saw international events such as the advent of the H1N1 Swine Flu exploited to their full extent by malware authors in order to launch new infections.”

According to the survey, spam messages account for 88.9% of the total amount of electronic messages sent worldwide with text-based messages as the most frequently encountered form of spam, while image-based spam is extremely rare with only 2.3% to 2.5%.

Spamming is also a common practice among Web 2.0 service users, such as social networking. While spam and phishing sum up almost 80% of the e-threats related to social networks, worms exploiting large platforms have rapidly increased. The Koobface worm has been one of the most active and destructive e-threats affecting social networking platforms.

The amount of phishing messages has remained relatively unchanged compared to the first half of 2009. Phishers have switched their focus to institutions that could bring them the most profit in the shortest timeframe, with primary targets as PayPal, Visa and eBay, followed by HSBC, American Express and Abbey Bank.

Valceanu added: “2009 witnessed a wide range of security threats aiming at both end-users and at corporate networks. Extra caution and a highly-rated antimalware solution with antispam, antiphishing and antimalware modules are a must-have for anyone surfing the web in 2010.”