Anti-virus companies frequently state that the majority of malware threats exist on the internet, and specifically on websites. For this reason, they are developing reputation-based systems that can block websites and the malware that they try to download onto victims' computers. However, the world's largest anti-virus company has recently discovered that more than half of malware floating around in Europe is spread using USB drives. This contradicts the prevailing opinion.
Symantec's 2009 Internet Security Threat Report found that 65 per cent of malicious code is spread using removable media. From a Symantec press release, dated 15th June 2009:
"The popularity and increased use of USB-based media, such as memory sticks and MP3 players, has resulted in a resurgence of this historically successful method of malware."
Common, high-profile worms that use this method include four of the top malicious code samples in the EMEA (Europe, Middle East and Asia) region:
- Mabezat
- SillyFDC
- Sality
- Gammima
This demonstrates that you still need a traditional anti-virus program running on your PC rather than relying 100 per cent on options that rely solely on website reputation, that need an internet connection to operate 'in the cloud' or that deal only with network traffic.
