Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Spyware Report Disected and Thanks For The Malware - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Spyware Report Disected and Thanks For The Malware
Spyware Report



Several news outlets are reporting on a study done by EarthLink, which claims that the average number of Internet connected computers infected with so-called ?spyware? software tops 90%. Additionally, the study claims that the average number of instances of ?spyware? found on each scanned PCs is 27.8 instances/machine.



While these figures sound astounding, it is important to understand exactly how the term ?spyware? is defined for the purposes of this report. A review of the data itself shows that there are four categories of items which are considered ?spyware.? These categories, and the number of instances discovered by scan are:



System Monitors: 184,559

Trojans: 184,919

Adware: 5,344,355

Adware Cookies: 23,826,785



http://www.earthlink.net/spyaudit/press/



As you can see, the vast majority of the ?spyware? discovered on these ?infected? machines consists of adware cookies; not at all a surprising find. In fact, the number of cookies represents nearly 100 times the number of system monitors and trojan programs combined.



While the numbers are certainly not encouraging, when looked at closely, they certainly don?t represent the kind of drastic situation that is being presented in the media.





Thanks For The Malware



We have received several samples of variations of bots/malware today. Thank you for taking the time to forward them to us for analysis. In many instances, we have been able to forward them to AV vendors who will be making updated signatures available to their customers.





----------------------------------------------------------------------

Handler On Duty: Tom Liston ( http://www.labreatechnologies.com )
Tom

160 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!