The latest SpyAudit study from Earthlink has revealed a marked rise in the incidence of malicious spyware such as Trojans.
The 2004 figures, gathered by scanning the ISP’s large base of PC consumers, showed that instances of the Trojan phenomenon, in particular, rose by 114%, with spyware monitoring software growing 230%. Although over the year, the number of Trojans discovered rose from a Q1 total of 130,000 out of 700,000 scans to 254,000 from almost 1.4 million scans in Q4, this hides a marked acceleration in the last three months after a quieter summer period.
The Trojans mentioned in the study include those capable of key-logging, and the capture of confidential data and screenshots — techniques growing in popularity among phishing criminals. The total number of spyware detections during the whole of 2004 was 116.5 million from a total of 4.6 million scans performed.
Other forms of spyware, including system monitors, adware and ad-tracking cookies, increased markedly throughout the year as well as in the final quarter covered by SpyAudit. The instances of spyware found on the average PC remained constant through the year at around 25, although this figure would include cookies which some consider to be of low security significance.
Judging by these statistics, the figures used to measure the threat of spyware are exaggerated in absolute terms — counting cookies for instance — but the rise of the Trojan still strikes a troubling note. Despite the fact that the software used to carry out an undisclosed portion of the scans was from antispyware vendor Webroot, figures from an ISP customer base deserve close attention.
What is hard to assess is whether raw statistics are the best way to fully document the threat posed by Trojans. What will come to matter is less the number discovered on the PCs of ordinary internet users but the havoc they are able to wreak, and this will vary form Trojan to Trojan.