Fake antivirus products cause adware figures to grow

Oct. 3, 2008
Report: Adware accounted for more than 30 percent of new malware in third quarter

GLENDALE, Calif., Oct. 2 /PRNewswire/ -- Panda Security, a leading provider of IT security solutions, today announced that Adware increased more than any other type of malware during the third quarter of the year. Adware accounted for 31.05 percent of all new malware that appeared in the third quarter, up almost 10 points from the previous quarter. The main reason, according to the PandaLabs Quarterly Report, is the increase in fake antivirus products used to trick users, infect computers and ultimately defraud the victims. The PandaLabs Quarterly Report can be downloaded from http://tinyurl.com/3eoyjs.

Fake antivirus products, when run, appear to carry out a scan of the user's PC and inevitably detect a series of infections which are actually false. The applications claim that in order to 'disinfect' the computer, users must buy the pay-version of the antivirus. If users fall for this ruse, they will be paying to remove malware which never really existed. The objective of the cyber-crooks behind these scams is, as in most cases, financial gain. Examples of fake antivirus products can be found here: http://www.flickr.com/photos/panda_security/tags/fakeantivirus/.

Despite this growth in Adware, there were more Trojans than any other category of malware, accounting for almost 60 percent of all malware samples that appeared between July and September. Worms (4.53%) and spyware (2.93%) were the other most prevalent categories. Adware, however, was responsible for more infections than any other type of malware, accounting for 37.49 percent of all infections recorded by PandaLabs. Trojans (28.7%) and worms (11.56%) were in second and third place respectively.

NDRs: evolving spam techniques

The last few months have witnessed a notable rise in a new type of spam technique: NDRs. An NDR (Non Delivery Report) is an email automatically sent by mail systems to inform senders of problems delivering their messages.

NDRs are therefore not (at point of origin) spam, but legitimate emails usually delivered by badly-configured mail servers. At present, leading anti-spam companies do not consider spam to be defined by content; instead, they regard spam as "unsolicited emails sent on a massive scale." NDRs are regarded as solicited mail since, in theory, they respond to an email sent by the victim. As a consequence, the anti-spam techniques used up until now are not effective against these types of messages.

Moreover, the actual amount of spam distributed is doubled. This is because when a user receives an NDR corresponding to an email she hasn't sent, it means that somebody is sending spam using her email address. This is achieved by stealing legitimate email addresses using malware, or buying them on forums, and using them as the sender through an SMTP service. The target mail server does not verify whether the sender's address is legitimate and only ensures that the target address exists. If it does exist, it will receive the spam; and if it doesn't exist, the real owner of the sender's address will receive junk mail in the form of an NDR.
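An added example, not part of the report or of any Panda product: one way a recipient's mail system can separate a genuine bounce from this kind of NDR is to check whether the Message-ID quoted inside the NDR belongs to mail its own server actually sent. The sample NDR, the addresses and the `SENT_IDS` log are constructed assumptions.

```python
import email
from email import policy

# Constructed sample NDR (not from the report); {mid} is the bounced message's ID.
NDR_TEMPLATE = """\
From: MAILER-DAEMON@mx.example.net
To: alice@example.org
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The address nobody@example.net does not exist.
--b1
Content-Type: message/delivery-status

Final-Recipient: rfc822; nobody@example.net
Status: 5.1.1
--b1
Content-Type: message/rfc822

From: alice@example.org
Message-ID: {mid}

spam body
--b1--
"""

# Assumed: Message-IDs the organisation's own outbound server logged as sent.
SENT_IDS = {"<20081002.0001@example.org>"}

def original_message_id(raw):
    """Message-ID of the mail an NDR claims to bounce, or None."""
    msg = email.message_from_string(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/report":
        return None
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            mid = part.get_payload(0).get("Message-ID")
            return str(mid).strip() if mid else None
    return None

def classify_ndr(raw, sent_ids=SENT_IDS):
    mid = original_message_id(raw)
    if mid is None:
        return "unverifiable"  # not an NDR, or no original message attached
    return "genuine-bounce" if mid in sent_ids else "backscatter"
```

An NDR that quotes a Message-ID the outbound log has never seen was triggered by mail with a forged sender, so it can be quarantined rather than delivered as "solicited" mail.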

"This technique is used by cyber-crooks to bypass anti-spam systems, as junk mail will be delivered if it is in someone's list of contacts," explains Luis Corrons, technical director of PandaLabs.

About PandaLabs

Since 1990, PandaLabs' mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions.

Currently, 94% of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented by the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc.), which work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog: http://www.pandalabs.com.

About Panda Security

Panda Security is one of the world's leading IT security providers, with millions of clients across more than 200 countries and products available in 23 languages. Its mission is to develop and provide global solutions to keep clients' IT resources free from the damage inflicted by viruses and other computer threats, at the lowest possible total cost of ownership.

Panda Security proposes a new security model, designed to offer a robust solution to the latest cyber-crime techniques. This is manifest in the performance of the company's technology and products, with detection ratios well above average market standards and most importantly, providing greater security for its clients. For more information and evaluation versions of all Panda Security solutions, visit our website at: http://www.pandasecurity.com.