[blitzkreig]

PandaLabs, Panda Security's malware analysis and detection laboratory, today announced the general availability of its malware report for the first quarter of 2009. According to the report, Trojans have accounted for 73 percent of all new malware created during this period. Nevertheless, one of the main trends identified in the report is the growth of spyware, which rose from 2.5 percent in the previous quarter to 13.15 percent in the first three months of 2009.


"We have seen a dramatic increase in the amount of spyware in circulation during this period, probably aimed at saturating laboratories and consequently infecting more users," says Luis Corrons, technical director of PandaLabs.



Some of the cases where cyber-crooks have been successful at infecting end-user machines involve the Virtumonde spyware, which infected more computers than any other malicious code during the first quarter of 2009.

This malware combines aspects of adware and spyware, monitoring users' Internet movements, rigging search engine results and displaying advertising banners, pop-ups, etc. for specific products.

A breakdown of malware by categories responsible for the most infections (e.g. Adware, Spyware, Trojan, etc.) can be found here: http://farm4.static.flickr.com/3597/...32efb465_m.jpg

Despite the notable growth of spyware, it is still significantly behind Trojans (31.51 percent) and adware (21.13 percent), in terms of the overall number of infections caused during the first quarter.

A graphical representation of the division of Malware infections detected by PandaLabs can be found here: http://farm4.static.flickr.com/3400/...954d41fc_m.jpg

The region with the highest percentage of active malware continues to be Taiwan with 31.7 percent of the worldwide malware share, but Brazil and Turkey are also noteworthy. They occupy second and third place respectively, overtaking Spain and the United States.

Mexico, nevertheless, has witnessed a decrease in the amount of active malware (17.95 percent), dropping almost 10 percent compared to its 2008 average of 24.87 percent of active malware recorded.

Conficker: The major threat in Q1
Although it first appeared at the end of 2008, the Conficker worm has been the malicious code that has kept security companies the most occupied due to the large number of infections caused between December 2008 and January 2009.

Moreover, there was considerable concern about its supposed reactivation on April 1. However, until now, no new versions or additional infections have been detected other than those already associated to the previously active variants.

"It is still possible that at any moment one of the URLs created by Conficker on April 1 could be activated and the worm could download an update to its code or new malware. In any event, this would only affect users who are unprotected against Conficker, although there are still a large number of unprotected computers," says Corrons.

The PandaLabs quarterly report also includes information about other issues such as the Waledac worm, which had an impact around St. Valentine's Day, malware on social networks and the most important vulnerabilities detected during the first three months of the year. The report is available for download, free of charge, here: http://www.pandasecurity.com/homeuse...a=particulares