abg: Two new reports paint very different pictures of the spyware landscape in 2005.

According to a Webroot Software report, 2005 was the worst year yet for spyware, especially the real nasties:

For enterprises, between Q3 and Q4 2005, the number of Trojan horse infections increased 9 percent and from Q2 to Q4 2005, the number of system monitors like keystroke loggers increased 50 percent consecutively each quarter.

Conversely, a group of University of Washington researchers conducted a study using an automated crawler to check over 20 million web sites for drive-by executable content. They crawled in May and October of 2005 and found a dramatic reduction in the October survey:

Our results showed a 93% reduction in pages carrying drive-by attacks between May and October, from 5.9% to 0.4%. Approximately 0.2% of the pages crawled in October exploited browser vulnerabilities to install spyware even when the user denied permission for a download or script execution.

It’s possible that they’re both right, as their methodologies differ greatly.

My suggestion: First, make sure your machine’s locked down, then read the reports.

Full Story »