Malware authors hit by recession too

Even crims feeling pinch says security company.

The recession might be having at least one positive effect - it has started cutting the volume of malware.

According to an analysis by German software security company G Data, the number of unique malware signatures dropped by 30 percent between May and June, a fall the company thinks is not a natural lull caused by the holiday season.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and Security Central newsletter, both from InfoWorld. ]

G Data's Ralf Benzmller interprets the drop to be caused by the same economic forces that have hit legitimate parts of the economy. Criminals have less money to invest in generating malware, which costs money to program, which causes output to drop.

"The black economy operates according to demanding economic criteria: supply and demand define business. The global economic crisis has not left the e-crime economy untouched," says Benzmller in an official release.

"Following on from dumping prices for the sending of spam, the downturn has now reached the writers of malware code. Order books for this particular branch of the industry seem currently to be falling back. Therefore we expect a stagnation in new malware figures for the current month."

It is worth putting the latest figure into context. In June the number of malware samples detected by the company fell to 83,072, down from May's 123,581, but only a smaller amount down on April's 93,785.

If his analysis is correct then the fall could continue or stagnation could set in, both of which would be good news. Stronger evidence would be that different type of malware were falling or growing relative to one another.

In the criminals have less money to throw at malware creation, that would tend to suggest fewer Trojans and other type of relatively sophisticated malware, and a rise in cheaper forms of e-crime such as spam. But spam almost always rises because better detection forces criminals to send more of it.

Other type of attack such as DDoS, direct extortion and targeted attacks might also be expected to rise, which the company's breakdown figures do bear out to a modest extent. As with conventional economics, predicting the future looks nearly impossible.

Benzmller ends by predicting that the tough economic climate could see malware and social engineering related to special events rise. "There will definitely still be individual peaks. The latest global events and catastrophes constantly provide the online criminals with new ways of targeting their victims," he says.