Study: Adware Increasing Exponentially
The prevalence of adware and spyware is increasing at an exponential rate, and only one out of every 33 Web users can correctly identify a 'safe' and 'unsafe' site, security firm McAfee said in a report first released Monday. The study's results are troubling and indicate work to stop the spread of these applications must be intensified.
While from 2000 to 2002 only about 40 adware families existed, over the following four years, that number increased over ten times to over 450 different families. In addition, these programs had some 4,000 variants, the company found.
Even more troubling was the firm's research into whether or not users could correctly identify a 'safe' or 'unsafe' site. A survey on McAfee's SiteAdvisor.com challenged consumers to correctly identify which sites were free of adware and spyware. Only 3 percent of participants correctly identified the unsafe site.
"[This means] that the vast majority are just one click away from infecting their PCs with spyware, adware, or some other kind of unwanted software," McAfee said in the report. Additionally, the company said search engines were exacerbating the problem, with some search terms returning results with as much as 72 percent of the sites infected with malware.
Another surprising discovery is where the spyware and adware is coming from. Whereas many would believe that adult and pornography sites are the worst offenders, this is not the case. Leading the categories is star and celebrity sites, of which 16.3 percent of the files are dangerous. Second is screensaver sites with 11.5 percent, and third is adult sites, with 11.4 percent.
The reason behind the continuing sharp increase of adware and spyware sites is that hosting these programs is becoming an increasingly lucrative business. In one case, an adware developer made as much as 15 cents per computer he infected, a much higher rate than traditional affiliate programs offer.
In some cases, adware purveyors are making as much as $10,000 per month to infect computers with these programs. They are becoming smarter as well, mixing traditional (and more legal) ways of generating affiliate revenue with the more unscrupulous ones.
"The mixing of criminals and legitimate affiliate-marketing activities confuses both merchants and consumers, blurring the boundary between malicious, unwanted programs and friendly software," McAfee said.
In conclusion, McAfee said that while security firms and law enforcement are doing their best to prevent the further spread of adware and spyware, in the end it's the user's responsibility.
"There is no substitute for end-user vigilance to protect confidential information from being taken and to prevent bot-herders from building up their drone networks," it argued.