CYBERSPACE – As though just stumbling across the stuff online weren’t bad enough, new research from Trend Micro suggests malware infections, once acquired, are tougher to get rid of than the common cold.Following analysis of about 100 million infections, Trend researchers concluded malware infections (or repeated infections) compromise the average computer for more than two years before they are discovered and eradicated. The average length of infection is 300 days, and four of five machines are infected for more than a month.
Previously, estimates put the average length of infection at six weeks.
The types of infections most likely to go undetected are botnet invasions, many of which also are capable of stealing login credentials. Although the botnet landscape seems to become more crowded daily, three strains of identity-theft bots cause the most damage and are the most persistent: Koobface, Zeus/Zbot and Ilomo/Clampi. According to Trend’s researchers, Koobface has recruited about 51,000 machines. The Koobface network employs five or six command-and-control centers at any one time, out of a worldwide complex of about 46 domains.
Zeus is particularly worrisome to antivirus researchers, because the password-stealing trojan is nearly impossible to detect. According to a study of 10,000 machines by security firm Trusteer, Zeus is detected just 23 percent of the time, even by the most up-to-date AV software. The trojan is estimated to be responsible for 3.6 million current infections in the U.S. alone.
The Conficker worm, another major threat in terms of failed detections, has co-opted an estimated five million machines worldwide since its release in November 2008. Conficker is responsible for much of the malvertising encountered online. Malvertising, or malicious advertising, often offers a cure for a viral infection or installs backdoors or trojans upon a click.
