
The year 2015 marked the moment when demand for new malicious programs reached saturation point.
This is according to Kaspersky Lab, which notes the number of new malware files detected every day by its products fell by 15 000, from 325 000 in 2014 to 310 000.
Kaspersky Lab's experts believe this is mainly because coding new malware is expensive and cyber criminals have realised they can get equally good results using intrusive advertising programs or legitimate digital signatures in their attacks.
This approach appears to be working: results show that, despite the cost-cutting in malware creation, the number of users attacked by cyber criminals increased by 5% in 2015, the security solutions vendor says.
Between 2012 and 2013, there was a rapid increase in the number of new malicious files detected by Kaspersky Lab, from 200 000 new files every day in 2012 to 315 000 in 2013.
Thereafter, things started to slow down. In 2014, the total increased by just 10 000 files a day, and in 2015 the overall number declined from 325 000 to 310 000.
Cyber criminals in search of a quick return appear to have decided that complex coding tools such as rootkits, bootkits or replicating viruses may bring results, but at a cost, reducing their overall margins and revenue, says Kaspersky Lab. Moreover, it adds, these complex malicious programs, which can cost tens of thousands of dollars to develop, do not protect the malicious program from increasingly sophisticated anti-virus software accustomed to detecting and analysing far more complicated malware.
For this reason, 2015 saw adware, essentially harmless but often intrusive, become more prominent among overall anti-virus detections, the vendor notes. This marks an evolution in cyber criminal tactics, with many now acting almost as businesses, engaged in selling quasi-legitimate commercial software, activity and other "essentials", says Kaspersky Lab.
Another trend is for cyber criminals and even advanced, state-sponsored threat actors to make greater use of legal certificates for digital products, the company says. With the help of bought or stolen certificates, attackers deceive security software, which trusts an officially signed file more than a regular one. The value of the certificate may be only a few tens of dollars, the company points out.
"Cyber crime has lost the last touch of romance. Today, malware is created, bought and resold for specific tasks. The commercial malware market has settled, and is evolving towards simplification. I think we will no longer see malicious 'code for the code'. This trend is also observed among the operators of targeted attacks," says Vyacheslav Zakorzhevsky, head of the anti-malware team at Kaspersky Lab.