Spyware Declined During 2005?

A study conducted at the University of Washington, “A Crawler-based Study of Spyware on the Web” (PDF) crawled more than 18 million Web pages across eight broad categories looking for spyware, once in May 2005 and again in October 2005. In May, it found that 13.4 percent of the 21,200 executable files it found bore spyware, and 3.4 percent of the domains it accessed contained “drive-by download” attacks which exploited known security flaws in attempts to install spyware and malware. However, by October 2005, the frequency of sites carrying “drive-by download” attacks had dropped to 1.6 percent of the domains surveyed.

The study tested using both Internet Explorer and Firefox browsers for Windows, and found that sites related to gaming and celebrities more frequently carried piggybacked spyware than other categories, while sites which claimed to offer discount and pirated software were the most likely to attempt “drive-by” attacks exploiting known security flaws.

The study speculates the decline in “drive-by” spyware attacks between May and October 2005 may be due to an increased awareness and utilization of anti-spyware tools, regular installation of Windows updates, and a series of publicized lawsuits against spammers and spyware distributors.

Even with the decline, the crawler-based survey found a drive-by attack in 1 of every 62 domains crawled, and that 1 i 20 executable files contained piggy-backed spyware.