In a recent University of Washington paper (see Sources below), the results of a five month study (May 2005 to October 2005) of the state of spyware on the Internet were documented. The following is a summary of the researchers’ conclusions:
- In October 2005, the researchers crawled 20 million URLs. Of that number, 19% contained executable programs. 5.5% of the executables and 4.4% of the domains contained piggy-backed spyware. Piggy-backed spyware is code that is attached to a file a user downloads from a web site.
- Although most of the spyware turned out to be adware, 14% of the spyware contained potentially malicious code. This malware included trojans and dialers.
- Sites specializing in pirated intellectual property have the highest percentage of drive-by attacks (malware downloaded without the user’s knowledge just by visiting the site). Celebrity sites were a close second.
- There was a 93% reduction in pages carrying drive-by attacks during the five months of the study. But don’t uninstall your anti-spyware software yet. The researchers concluded that there’s still enough malicious spyware to go around.
Author: Tom Olzak
Sources:
A Crawler-based Study of Spyware on the Web, University of Washington
