Today, our project celebrates a kind of technical jubilee. The number of virus records of our antivirus products has risen above 5 million. What does it mean? Is it lot or not, and what will happen next?
First of all, it should be noted that the number is not some kind of an attainment for us or any other antivirus company. It just shows the volume of malicious programs, which are known us at the moment, and which we have processed, sorted, analyzed, from day to day, created the detecting and treating records.
5 million - is it a lot or a little? A year ago, the size of our virus database was 3 million records, 2 years ago this value was 1.5 million records. That is for the full year 2010 in the base was added 1.5 million viruses, and for 2011 is 2 million. The number of newly emerging viruses is tirelessly growing from year to year. Over the past year we have analyzed and added to the database more malware than was known at the beginning of 2010! And the dynamics of growth of malware continues grows to develop. During this months of this year, the amount of malware, which we receive for analysis, continued to grow.
Why is this so? The fact that in recent years the production of malicious software has become a large and profitable business. Criminals are finding new ways for tricking users and obtaining money. Huge sums of money are invested in developing of such programs. A big staff works the development of modern Trojans are working great teams that produce hundreds of versions of one malicious program on the day.
The Most numerous of modifications in our database is a Trojan.Swizzor.Win32. 2 years ago there was 120 000 versions of this Trojan, but now we know more than 176 000.
| The largest family of malware (the number of modifications in Zillya! database) | |||
| Назва | 2 years ago | 1 year ago | Current |
| Trojan.Swizzor.Win32 | 120802 | 168503 | 176107 |
| Trojan.FakeAV.Win32 | 24 | 36947 | 160176 |
| Backdoor.Hupigon.Win32 | 56893 | 105350 | 130202 |
| Trojan.OnLineGames.Win32 | 42178 | 77010 | 107489 |
| Worm.Palevo.Win32 | 1747 | 33556 | 74552 |
| Backdoor.Bifrose.Win32 | 24787 | 43918 | 63984 |
You've probably heard about the so-called fake antivirus (FakeAV). With these criminals extort millions of users a means for the treatment of their computers from nonexistent viruses by nonexistent anti-virus product. Two years ago, the industry of cyber fraud was only a margin, there were only a few of such programs. A year later this number has already reached 36,000 copies, and today we have detected and neutralized more than 160,000 variants of these fake antivirus. Over just one year more than 120 000 of such programs have appeared, which average 330 modifications Trojan.FakeAV.Win32 every day throughout the year, including weekends and holidays!
Throughout the year, regularly reminded of themselves creators of very circulated computer wormWorm.Palevo.Win32, which successfully spread through USB-drives. For example, each month this summer, the worm's authors released to world over 5000 versions of their creations to the world, making antivirus companies to work hard.
At the same time, Russian and Ukrainian users suffered most from the domination of the various programs extortionists and theft of media accounts of social networking. Hackers have learned well, where it is possible to profit from the common Internet users. Comparing malicious software, distributed on a global scale and Trojans designed for Russian-speaking user, are so numerous the last was not so much, but they have caused to a lot of problems to ordinary users as well as experts in the field of information security.
| The number of known modifications of some common trojans | |||
| Family of Trojans | 2 years ago | 1 year ago | Current |
| Blocking system, extort money for unlocking (like Winlock, LockScreen, XBlocker and other) | ~530 | >1650 | >5500 |
| Theft accounts of social network VKontakte (such as family Trojan.VkHost.Win32, Trojan.VKont.Win32 and so on) | ~250 | >1300 | >4300 |
The most widespread type of malware programs is a class Trojan. They are often tens or hundreds of thousands of versions, most of which are so different that they require from antivirus companies for personal research and creating individual records for viral detection and neutralization.
Remarkably, if the number of Trojan horses in the last year increased by more than one million copies, worms grew by 150 000 versions, high-Rootkits almost 20 thousand new versions, new modifications of the most common computer viruses that infect other files, our laboratory this year counted little more than a hundred!
Sure, cyber-crime very quickly adapts to new conditions. Developers of Trojans are able to for a few days to release hundreds of versions of new Trojans, adapted to a particular social network or newsworthy. In the future, still there will be hundreds of thousands and millions of new malicious programs. That is why every user should be aware that anti-virus should always be used with the latest databases. Even yesterday's update, it's missing a few thousand records against new and just appeared viruses.