A new form of spyware attack by malicious software which uses automated phishing is among the most recent type of malware identified by security researchers at Prevx, a developer of Automated Malware Research.
The revelation comes as the security company today announced it had detected and provided protection against more than one million unique malicious programs seen by its community intrusion prevention system since it was launched in July 2005.
Prevx's automated malware research identifies new malicious software much faster than conventional vendor research labs which are facing ever growing backlogs as they struggle to cope with the exponential growth in malware volumes.
"Prevx has recorded a sad statistic in capturing data about the millionth unique malware program it has detected and prevented since the project was launched just over one year ago," said Mel Morris, Prevx CEO. "Even more startling is that the increasing volume of malware seen by our community of users indicates that we may well hit the two millionth malware mark by early next year."
Automated Phishing Malware
Perhaps the most insidious example of next generation malware technologies is a new type Prevx security researchers have noted for its automated phishing and pretexting behavior which is linked to web affiliate programs.
In one instance, Prevx researchers observed how the malware can be unknowingly downloaded by consumers, often as part of another malware infection. It then lurks on an unprotected computer, avoiding most traditional security software, to falsely obtain personal data, such as credit card information and Internet access and usage data.
The malware then hijacks the user's identity and uses the infected computer when the user is away to subscribe through legitimate Web affiliate programs and pay-per-click advertising programs.
The malware writers earn income from their affiliate links while unwitting users are left to explain credit card charges that seem to come from their own PC. Prevx1 users are protected from this next generation malware.
Prevx1 detects and eradicates viruses, worms and other forms of malware using real-time data gathered from its community of over half a million computers. This information is used to recognise the genetics and behaviour of more than 200,000 new programs every day, of which a daily average of more than 7,000 are determined to be malicious.
This is yet another example of how organisations have implemented million dollar security policies and security architectures to protect them from viruses and malicious external attacks, only for them to be compromised by the internal security risks posed by a company's personnel. People - either through accident or malice - still remain the weakest link in the security chain, and are responsible for a high percentage of security breaches.