The number of new malware files detected each day dropped by roughly 15,000 in 2015 compared to the previous year, according to a recent report from Kaspersky Lab.
According to the security company, its products detected 310,000 new malware files each day in 2015, compared to 325,000 in 2014. The company notes in a blog post that the decrease is likely due to the fact that the coding of new malware is expensive and cybercriminals have been switching to intrusive advertising programs or legitimate digital signatures in their attacks.
Security researchers at Kaspersky Lab believe that this approach appears to be working for cybercriminals. Although they have been cutting costs associated with malware creation, the number of users attacked in 2015 has increased by 5 percent, the security firm notes.
The decrease in the number of new malicious files detected by Kaspersky Lab follows a slower increase observed last year. In 2012 and 2013, however, the security firm observed a rapid increase in the number of new malicious files detected, from 200,000 per day in 2012 to 315,000 in 2013.
According to the security firm, cybercriminals looking for a quick return have decided that complex coding tools such as rootkits, bootkits or replicating viruses come at a cost (often of several tens of thousands of dollars) that reduces their overall margins and revenue. Additionally, researchers note that these complex malicious programs are not protected from increasingly sophisticated antivirus software that can detect and analyze even more complicated malware.
Due to the decrease in spending associated with malware creation, 2015 marked an increase in the use of adware. It also shows an evolution in cybercriminal tactics, as bad actors now act almost as businesses, selling quasi-legitimate commercial software, activity and more, the security company says.
Additionally, Kaspersky notes that cybercriminals and advanced, state-sponsored threat actors are moving to the use of legal certificates for digital products. Bought or stolen certificates allow attackers to deceive security software that has been designed to trust an officially signed file more than a regular one.
“Cybercrime has lost the last touch of romance. Today, malware is created, bought and resold for specific tasks. The commercial malware market has settled, and is evolving towards simplification. I think we will no longer see malicious ‘code for the code.’ This trend is also observed among the operators of targeted attacks,” Vyacheslav Zakorzhevsky, Head of Anti-Malware Team at Kaspersky Lab, said.