Previous entries
Next entries

February 6th, 2006

How Much Spyware is on the Internet

By Jimmy Daniels
Contributing Writer, RealTechNews

Not sure if this was new or not, can’t find a date on it, but a University of Washington study of spyware proved to be very interesting reading. They studied two periods May 2005 and October 2005, so it may be old news

Malicious spyware poses a significant threat to desktop security and integrity. This paper examines that threat from an Internet perspective. Using a crawler, we performed a large-scale, longitudinal study of the Web, sampling both executables and conventional Web pages for malicious objects. Our results show the extent of spyware content. For example, in a May 2005 crawl of 18 million URLs, we found spyware in 13.4% of the 21,200 executables we identified. At the same time, we found scripted “drive-by download”attacks in 5.9% of the Web pages we processed. Our analysis quantifies the density of spyware, the types of threats, and the most dangerous Web zones in which spyware is likely to be encountered. We also show the frequency with which specific spyware programs were found in the content we crawled. Finally, we measured changes in the density of spyware over time; e.g., our October 2005 crawl saw a substantial reduction in the presence of drive-by download attacks, compared with those we detected in May. Source: Washington.edu

We Say: They found that over 1 in 20 executables that they scanned contained some form of spyware, and 1.6% of domains doing drive by downloads. The main problem I’ve seen with their study is they only used Lavasoft’s Adaware to scan the executables, and we all know you really can’t depend on just one anti-spyware program to have a really clean machine or to detect everything. The good news is the total number of drive by installs decreased from 3.4% in May to 1.6% in October 2005.

More coverage available here.

Share and Enjoy:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • digg
  • Fark
  • NewsVine
  • Reddit
  • YahooMyWeb
You can leave a comment, or trackback from your own site. RSS 2.0

4 comments to "How Much Spyware is on the Internet"

  1. Stephen says:

    In the past year the only items either Spybot or Adaware turn up on my machine are some Doubleclick cookies, Avenus A cookies. I do a scan about once every 3 months. I read in forums about people doing scans almost every day with multiple anti-spy apps and finding things all the time. What the hell are they doing out there to pick up all of this stuff? I’m not complaining about being left out but you would think that people would learn after the first hundred times or so as to how to not pick up spyware on their machines. Maybe a good anti-spyware app is not really such a good thing. It enables the truly dim to think that they don’t have to be careful about what sites they visit or what toolbar they download as the app will clean their machine.

    February 6th, 2006 at 9:44 am

  2. Jimmy says:

    Good point Stephen, maybe it is a false sense of security for newbies who click and download everything, we all know them, they are the same ones who forward the stuff that’s been floating around the net for years. I myself never make it to the shady sites on the internet too often, occasionally I’ll click something I shouldn’t have, but not very often. I think the problem is most people don’t realize what it can do, and how much it slows down their machines.

    February 6th, 2006 at 10:01 am

  3. E2001 says:

    Look for sites containing: Hackz, Crackz, Serialz, MP3z, XXX…

    You’ll get all the malicious software a person could ask for!

    February 8th, 2006 at 9:17 am

  4. » 15 Million Malicious Websites » Blog Archive   Alice Hill’s Real Tech News - Independent Tech says:

    […] Okay, here’s notice that the problems in the internet are not getting better, they are getting worse, Websense announced in a press release that their database of websites that contain malicious code, peer to peer file sharing, spyware, phishing, and 80 some other categories of “bad stuff” has increased to over 15 million. 15 million websites our children could easily surf into, or we could surf into, that would try to take advantage of us somehow. This contradicts the study from Washington University I posted about here, but, that study was just a sample that grabbed data from some websites, it was not a massive undertaking like this one. The Websense Master Database is the most accurate, up-to-date database in the industry. Recent increases to the Master Database reflect the continual growth of the internet as an attack vector by today’s cyber-criminals. The Websense database reached 10 million sites in May 2005 and quickly grew to 15 million sites within approximately eight months. Today, the database includes more than 90 categories, such as spyware, phishing and peer-to-peer (P2P) file sharing, which organizations can use to protect employees against malicious internet sites as well as set flexible filtering policies for employee web usage. […]

    January 12th, 2007 at 5:27 pm

Leave a comment