Yury Mashevsky of anti-virus company Kaspersky Labs has published a good article that outlines the state of the crimeware threat environment that we face in 2010.
Mashevsky illustrates the exploding number of financial crimeware/malware samples that Kaspersky has received on a quarterly basis since the financial crimeware industry got started in 2005.
This graph shows the increase in the number of unique malicious programs used to steal money from Internet users. Source: Kaspersky Lab
As banks roll out new security technologies and techniques, the criminal underground quickly develops means to defeat these technologies. The exploits are rapidly (often within 30 days) widely available in numerous crimeware variants that criminals can purchase over the Internet. Attacks are often hosted on computers in different countries that where the banks and their customers are located, making it very difficult to get websites that host malware or command & control servers taken down.
Mashevsky concludes that to make meaningful progress in the battle against an exponentially growing threat will require much tighter collaboration between financial institutions, their customers, the security industry, and government agencies.
