 |
 |
 |
|
 |
|
 |
| ||||
| ||||
|
 | |||||||||
|
In 2000 and early 2001 there were only 45 families of spyware, now there are over 450 with over 4000 variants. Financial incentives are the driving force behind this explosion. A malware writer or bot writer stands to make up to $150 per computer infected. They often do so by abusing legitimate companies' affiliate programs. Often, writers will find a way to automate the click or installation to get paid through the program. Surprisingly, the study found that celebrity websites are the most prolific distributors of adware, not adult sites, as it is commonly believed. In fact, McAfee says that security on adult and pornographic websites is often very tight, due to customer confidentiality. Celebrity sites on the other hand, are giving downloads away for free so they often receive most of their funding by packing spyware in downloads. "That really is interesting because they end up getting more hits off of Google searches and stuff, because somebody will want a screensaver of their celebrity du jour or their favourite celebrity and they just find it much more efficient to package in their adware and their downloaders and everything else with those because they just get more traffic than a lot of the other sites," David Marcus, security research and communications manager for McAfee/Avert Labs said. Another new trend is "drive-by installations", where an end-user's computer can become infected without their knowledge by simply surfing to a website can result in the push of spyware. One prominent example of this came to light during the 2006 World Cup after the now infamous Zinedine Zidane headbutting incident. A site that mirrored the official World Cup website appeared and the video of the headbutt that was offered on the site came packaged with spyware and malware. Spammers are also trying to stay one step ahead of security companies like McAfee by cycling through 72 per cent more domain names than they did just a month ago, changing them more quickly than anti-spam companies can react. To fight back, McAfee utilizes streaming update technology in its anti-spam products to keep them up-to-date and to maintain a high block- rate. McAfee's implementation of domain name reputation technology can predict malicious and/or spammer Web sites even before the sites have been involved in a spam campaign, which helps to block "day zero" spam. Perhaps the biggest issue when it comes to the growth of spyware and adware is the lack of user awareness. Often, a user will simply click on the first link that appears after a web search. "If you had done a keyword on that head butting incident you were forwarded to so many different sites through a Google search and the user who does the Google search has no way of knowing, at a glance, are those sites rogue sites, are any of those sites known pushers of adware and spyware?" Marcus said. McAfee's Site Advisor, a browser plug-in that rates sites, is one solution to this but Marcus said simple awareness on the user's part is the best way to prevent their computer from being infected with adware and spyware. For instance, he said that spelling errors in search results (Ie. a "3" instead of an "E") are often a good indication that a site should be avoided. While having a good security program is always advisable, Marcus said that users can't always rely on them to protect their computer. "It's never a security technology fix, it's always a user education issue," he commented.
For the complete white paper, head to http://www.mcafee.com/us/local_content/white_papers/threat_center/wp_adware.pdf.
|
|
|||||||
| |||||||||
|
home | feedback | printer friendly version | email this article
©2009 Integrated mar.com Corporation | 1.800.465.2059 |
|
|||||||
 | |
1,460 | |
 | |
419,343 | |
 | |
44,781,455 | |
 | |
$49,567,397,483 | |
 | |