Print This Story  Email This Story  Save this Link View PR Newswire's RSS Feed  Blogs Discussing this News Release  Search Blogs that Mention this News Release  Click this link to view linked Bookmarking Services Click this link to view linked Blogging Services

PandaLabs Study Reveals Alarming Global Infection Rates of Identity Theft Malware
 

- Over Three Million Internet Users in the U.S. and More than 10 Million Worldwide Were Actively Exposed to Identity Theft in 2008

- PCs infected with Identity Theft Malware Increased by 800 Percent from Q2 to Q4 in 2008

GLENDALE, Calif., March 9 /PRNewswire/ -- Panda Security, a world leader in IT security, today announced the findings from a comprehensive identity theft study conducted by PandaLabs, the company's malware analysis and detection laboratory. Based on the analysis of 67 million computers during 2008, PandaLabs revealed that 1.1 percent of the worldwide population of Internet users have been actively exposed to identity theft malware. Extrapolating the results from Panda Security's online malware scanning service, ActiveScan, PandaLabs found that over three million of the audited users in the U.S. and more than 10 million users worldwide were infected with active identity theft-based malware last year(1).

According to one recent study published by an independent research firm, the mean cost per ID theft incident in the U.S. is $496.00, putting the total estimated risk of ID theft from malware in this country alone at approximately $1.5 billion(2). Additionally as U.S. banks have raised consumer credit rates to compensate for losses in mortgage departments, unchecked losses from identity theft could have the effect of eroding an already weak consumer confidence, particularly with respect to online transactions.

Following are highlights on PandaLabs' key findings on the evolution of online identity theft:

  • 1.07 percent of all PCs scanned in 2008 were infected with active malware (resident in memory during the scan) related to identity theft, such as banker Trojans
  • 35 percent of the infected PCs had up-to-date antivirus software installed
  • The number of PCs infected with identify theft malware increased by 800 percent from the first half of 2008 to the second half
  • Arizona, California and Florida continue to be the states with the highest per-capita incidence of reported identity theft
  • PandaLabs predicts that the infection rate will increase by an additional 336 percent per month throughout 2009, based on the trend of the previous 14 months

Active malware means malware that is loaded into the PC's memory and actively running as a process. For example, users of PCs infected with this type of identity theft malware who utilize online services such as shopping, banking, and social networking, have had their identities stolen in some fashion. According to the Federal Trade Commission (FTC), the average time victims spend resolving identity theft issues is 30 hours per incident(3). The cumulative cost in hours alone from identity theft related malware based on Panda Security's projected infection rate could reach 90 million hours.

The study revealed that an alarming 35 percent of the PCs infected with this type of malware were using up-to-date antivirus software. Antivirus labs are receiving a massive amount of new malware samples each day (22,000 new samples per day according to PandaLabs), and antivirus vendors are continually updating their services to keep up with the overwhelming volume of new malware surfacing each day. AV detection labs such as PandaLabs have made advances in automated detection and classification capabilities. These new detection methods as well as improved surveillance and cloud-based detection techniques have reduced the risk of individual identity theft incidents and its associated costs. Some global banks, notably in Brazil, have made changes to banking authentications using electronic tokens and virtual keyboards, but these approaches have been slow to be adopted in the U.S.

"We expect to see a 336 percent monthly growth rate of this malicious identity theft malware in 2009, fueled by the huge business behind this particular type of cybercrime," said Luis Corrons, director of PandaLabs. "We must become aware of the dangers of malware identity theft and protect ourselves from the serious potential losses, both in time and money."

To see the growth and correlation between identity theft and banker Trojan PC infections from January 2008 to February 2009, including PandaLabs' predictions on growth rates through the rest of the year, please access the following link:

http://farm4.static.flickr.com/3561/3340793945_1782d9fb0e_m.jpg

Banker Trojans are malware specifically created to steal user account information from banks and their customers. Trojans have increased in sophistication and are now able to easily update and expand the list of banks they can attack via the Internet. According to PandaLabs, the top families of banker Trojans that are the most prevalent in infiltrating users' systems are:

    Trj/Cimuz
    Trj/Sinowal
    Trj/Bankolimb
    Trj/Torpig
    Trj/Goldun
    Trj/Dumador
    Trj/Spyforms
    Trj/Bandiv
    Trj/SilentBanker
    Trj/PowerGrabber
    Trj/Bankpatch
    Trj/Briz
    Trj/Snatch
    Trj/Nuklus
    Trj/Banker

The most common origins of these banker Trojans are China and Russia, with Korea and Brazil also emerging as countries of origin for these threats. To see a chart outlining the origins of banker Trojans, please access the following link:

http://farm4.static.flickr.com/3565/3341624488_c393093820_m.jpg

Other general, non-banker Trojan, forms of identity theft malware steal usernames and passwords to chat, games or applications as well as personal information. The most common types of non-banker Trojan identity theft malware are:

    Trj/Lineage
    W32/Lineage.worm
    Trj/Legmir
    Trj/Wow
    W32/Wow.worm
    Trj/MSNPassword
    Trj/PassStealer
    Trj/QQPass

To learn more about banker Trojans, please visit the latest PandaLabs post at: http://pandalabs.pandasecurity.com/archive/Bank-details-uncovered.aspx

About PandaLabs

Since 1990, its mission has been to detect and eliminate new threats as rapidly as possible to offer our clients maximum security. To do so, PandaLabs has an innovative automated system that analyzes and classifies thousands of new samples a day and returns automatic verdicts (malware or goodware). This system is the basis of collective intelligence, Panda Security's new security model which can even detect malware that has evaded other security solutions. Currently, 94 percent of malware detected by PandaLabs is analyzed through this system of collective intelligence. This is complemented through the work of several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. This translates into more secure, simpler and more resource-friendly solutions for clients.

More information is available in the PandaLabs blog: http://www.pandalabs.com and the Panda Security website: www.pandasecurity.com/usa.

(1) Figures based on the estimated North American and worldwide population of Internet users in 2008: calculated based on 1 billion users worldwide and 222,141,961 for North America, factoring ADSL penetration of 76 percent. Source: http://www.internetworldstats.com

(2) 2009 Identity Fraud Survey Report: Identity Fraud on the Rise But Consumer Costs Plummet as Protections Increase http://www.javelinstrategy.com/

(3) http://www.consumer.gov/idtheft/pdf/ftc_06.16.05.pdf

SOURCE Panda Security