New Malware Jumps to 73,000 Samples Every Day, Says PandaLabs

New Malware Jumps to 73,000 Samples Every Day, Says PandaLabs.

-- Tom

 

It's getting worse and worse...

 

No, it's really not. These reports come out once or twice every single year, and they always end up being nothing more than good marketing tools. What has changed?..better/faster automation of malware creation, and the targeting of newer platforms (smartphones/tablets. If people weren't expecting those changes, they weren't paying attention and/or didn't have any common sense. What hasn't changed? Methods of infection, types of infections. You still have the money stealing trojans, you still have the redirects, and so on. They all still have to get on your system and they all still have to execute. Oh, now we have the social attacks too, which means you still have to be brainless as well. The "run of the mill" malware is still used against us little people, and the panic-inducing "undetectable?! Oh the humanity!" nuclear plant-crippling, economic disaster causing, corporate downfall malware that keeps Wilders, the news media and armchair security expert blogs awake at night..is still reserved for attacks against world governments and "big dog" corporations.

Really, keep using very well known software, get yourself a copy of Sandboxie or some other sandboxed browser or app, go easy on the P2P (stick to pre-2000s movies and music...it was much better back then anyway ) and, if you must, grab yourself some script protection like NoScript, and go back to sleep little ones.

-edit- If you seriously needed me to remind you (lord I hope not), keep your well-known AV and AM software up to date as well...you do have it, right? (I know you HIPpies--see what I did there?---don't particularly see the need, but for us simple folk who don't want our systems trying to have a conversation with us, we do.)

 

Yes indeed, the music was way better of course , but I can't say that ALL movies were better back then....

 

Hehe, well venturing off topic a second, I'd agree. But, you have to admit, MOST of the worst then beat the sad excuses for movies we have today.

 

LOL! That's why I like MSE so much. It usually doesn't bother me, & I don't bother it.

 

73,000 new malware samples every day? Where are they? I never see 'em...

 

I've always wondered where on earth they are as well. Though, if I had to give it a guess, I'd say all the misspelled URLs of major websites (mostly banks and shopping websites), which, if you bother to look at the address bar even once, you can easily avoid. Maybe they're on some foreign websites as well, like China and Russia, and of course I'm sure some are to be found on P2P. But, even with all of those places, I guarantee you that you'd be extremely lucky to come across 10% of that number, and that's with you trying very hard and purposely hunting them down. If you were possibly able to count up every single infected system in the world at this very moment, I would find it extraordinarily hard to believe that even 10% of that number of malware was responsible. I'd be very willing to bet it's more in the 2-3% range at worst.

That leads me to an opinion that, considering these reports come out every single year without fail (actually, last year, didn't some blog try to claim a million or so?), that one of two things are happening. Either they are counting experimental POCs and/or malware that is meant strictly for specialized operations (meaning government/corporate attacks), or, these reports are marketing tools. Personally, I think it's safe to bet that it's both.

 

Not worried at all, for myself.

 

From 50,000/day (Also, HERE) to 73,000/day = getting Worse.
The evolution of Social Networking-related Malware, P2P-Malware etc. is more than enough...

As far as,
-what Security Setups can keep Malware-free users
and/or
-what is the Probability to get infected by uncommon/rare Malware
have Nothing to do with the OP.

 

I beg to differ, it has plenty to do with the OP. To begin with, a jump from 50,000 to 73,000 is hardly worthy of yet another one of these yearly reports. (On a separate note, I do believe it was either Panda themselves or Previx that, just last year, came out with that "million samples" report I spoke of previously. So, going by that, we'd be doing fantastic!) Also, if the game itself hasn't changed, but only the numbers, then who cares? Whether it's 73,000 or (in another year) 100,000, if the methods haven't gotten any worse, or what the actual malware does hasn't gotten any worse ( again, I stress malware the public will run into)...then it hasn't gotten worse.

73,000 samples means nada if the general public will only see 10% of that (and that's rather unrealistic for people not actually testing malware). If the public understands how not to get infected by these 73,000 samples, and if they understand they'll never in their lifetime come across all 73,000, then these reports start to move over into the realm of "browser war" reports in usefulness.


-edit- A quote from one of your links http://ezinearticles.com/?Where-Doe...ware-(Malware)-Come-From-Each-Day?&id=1975208 : "The more malware programs that are submitted and found to be "effective" the more they can generate as well as the more damage that can be done. Many of the ones tested are ineffective, which is great news for consumers, but then malware designers are just back at the keyboard. The turnover is tremendous but yet identity thieves and scammers are vigilant in producing malware hoping to take advantage of uninformed consumers and hit pay dirt."

So, that tells me and the public that lots of those 50,000 or 73,000 samples turn out to be duds, and the word "uninformed" is a very important word. It tells me that the carefree downloaders, the ones who get suckered in by the "free offers", and the ones who generally don't bother to read address bars are still the ones being hit..just like it's always been. Worse? Nah, business as usual.

 

OK. This is my anual report of malware samples coming out every day. Hope it is OK to share with you Wilders Security Forums finest?

This is what I came up with. Every day, security vendors will put their hands on X amount of malware samples. Every day, security vendors will not put their hands on Y amount of malware samples.

What does this mean? It means that, just because Panda Labs came accross ~73,000 samples a day (the X value), the same doesn't mean that more aren't out there (the Y value). And, the Y value can be just one more malware sample... OR... it can be dozens, hundreds, thousands, etc?

What does this also tell us? It tells us that, Panda Labs report, is a total nonsense marketing report.

So, what do I care if there are billions of malware samples coming out every day, if all of them still require the same entrance points to infect my system?

Disclaimer: This report is copylefted. Share it at your own risk.

 

Note: The original posted (article) did point out that the majority of the new malware attacks have a trojan payload which was widely predicted by the security industry last year to be on the rise for this year.

-- Tom

 

Fear Not! my friends!! Sandboxie will crush them

 

These reports focus on what you called X.
What you called Y (=unknown malware) cannot be registered, and in turn, counted.

Even blaming AV vendors on the New Malware/day (and/or Totally) they Miss, and in turn, fail to Count
(although it goes beyond the Scope of these Reports), it does Not cancel the validity of these Reports.
In fact, it shows that things are even worse: 50,000 (2009)<63,000 (2010)<73,000 (2011)<<New Malware/Day (2011-Actually)!

By your logic, this SOPHOS report is total nonsense marketing report, too.
-When AV vendors create AVs, they are good.
-When AV vendors create Reports, they are Nonsense.

What kind of logic is this?

Since 2007, I'm Malware Free.
So what?
What holds for many members, here, does Not hold for the rest of the world!
Boasting about one's Security setup vs. New Malware/day has Nothing to do with what these Reports present.

-Is it a lie that Social Networking-related Malware increases?

@dw426
@ m00nbl00d
Since you both laugh at what these Reports showed, offer us more Reliable Data!
I am waiting to see your Data.
BTW, AV vendors would love to see your Findings, too.

 

You see... You blindy want to criticize others that you failed to see my point.

My point is: The malware scenario is far more worse than those ~73000 malware samples a day.

So, these reports are nothing but marketing. That's what they are. You shouldn't care about these ~73000 malware samples, or whatever the numbers are. If security vendors know about them, then they will provide protection to their users. But they won't protect against the other malware samples they fail to detect every day, because they don't have them on their possesion, which is most likely beyond 73000 samples, which could be just one, and that may actually try to infect our system using a new method.

That's the malware you should be worring yourself about, not those ~73000 samples.

And, that's why people shouldn't solely rely on antimalware applications.

-edit-

Otherwise, think about this. Why don't security vendors provide the opposite reports? Why not giving reports on what they miss? They won't due to two reasons: 1) They have no damn idea about the amount of samples they miss each day, which could be just one more, or billions... 2) It wouldn't be good for marketing, now would it?

But revealing reports that they put their hands on ~73000 malware samples a day, will make them look good. This is marketing. If this wasn't good for marketing, do you seriously believe they would waste their time releasing such reports?

 

As I got No Reply to my Inquiry, I will ask again:

Since AV vendors use just Marketing, can the Criticizers of the above Reports offer us more Reliable/Accurate data?

 

But you're asking for data that common sense should give you. Moonblood is right, if they know about those 73000 samples, then why should you care? You don't need another test or chart to figure out that detected malware isn't the problem. If they are reporting that they get their hands on 73000 samples a day, that is marketing. They're telling us they look at 73,000 samples a day..which means they likely cover them. As far as the post I made, come on Mr. PC, do you really need more data to know you won't ever in your lifetime come across anywhere near that number of malware?

There is no truly reliable data regarding new samples anyway. In case you never noticed, reported numbers differ by vendor. Panda will say a number, Prevx will come along with theirs, Symantec theirs, and so on. And, again, all of them focus on the number they see, meaning get their hands on, play with, and, as a result, detect. I fail to see how that isn't considered a type of marketing.

 

I don't care, but the Average Joe should care as 'New Malware/day' increases.
Facebook, P2P, and the entire Internet become more dangerous in terms of Malware.

No, I never claimed that. However, these Reports focus on a World-Wide basis; not on what an Individual-User will come across.

If AV vendors fail to offer us a general picture, then, who can do that?

It would have been really amazing if a major AV vendor had reported the exactly the same 'New Malware/day' Number
with a small AV vendor.
It is normal to see such a deviation.

 

But see, it really hasn't become more dangerous. I truly believe that, but why do I? I do because no matter the number, the way in has always remained the same. The Average Joe wouldn't need to care honestly, if the Average Joe would ever learn to read and not randomly click/install things.

Well sure, they do indeed focus on the world. But it still stands that, even every individual in the world will not come across this number of malware. So, though you're right, the alarming nature of the report becomes much less frightening

Nobody can.

But that means there is no reliable way of providing data on the amount of new samples created per day. What one AV vendor sees, another one may not. The size of the company has nothing to do with it, it's the submissions given to them that count. And, since those submissions are almost never the same, no one can give truly accurate data.

 

Major AV vendors have larger Market Share (=more Users), and in turn, they enjoy more Submissions than small AV vendors.

How can you be so certain about it? Nobody can tell with certainty...

 

Assuming the statistics in the reports are correct in the way they count the samples seen, the fact remains there are users here who don't even see 1 piece of malware, let alone the numbers they're quoting. It gives the novice the impression they may stumble across 70,000+ new threats in their day to day use of the Internet. If some of us don't even come across one sample, whether sandboxed or not, it rather paints a different picture of how people are using the Internet.

 

Bingo. Of course, those of us here tend to work differently than the average user. But, the main point is yes, these reports can be taken to mean that.