Microsoft Corp. published a report on Monday which shows that criminal on-line behavior has shifted from traditional Trojan download programs to Web attacks.
According to Jimmy Kuo, principal architect with Microsoft’s Malware Protection Center, the company saw the number of Trojan download programs it removed from Windows machines jump by 300 percent.
“Executables are often being stripped completely regardless of what they are,” Kuo said.
The shift to the Web has been forced onto criminals, as system administrators have become better at blocking executable files from being sent via e-mail. Therefore, instead of sending their malicious software directly via e-mail, they send spam e-mail with links inviting victims to visit a Web page.
The programs masquerade as legitimate pieces of software, but once installed, they then download malicious software such as spyware or adware onto the victim’s computer. They are typically installed via the Web.
Many companies compile data on Web attack trends, but Microsoft’s is the most comprehensive which is based on data from the approximately 450 million computers that run the Microsoft Malicious Software Removal Tool that ships with Windows.
Kuo said that there are still a lot of infected Windows boxes out there, although there are fewer than some have reported. On average, Microsoft removed malware from one out of every 123 computers it inspected each month during the period. In the U.S., that number was 1 in every 112. Japan was the least-infected country, with malware found on just one in 685 machines.