Anti-spyware firm Webroot have produced a survey which claims that spyware – invasive programs that generate pop-ups, hijack home pages and redirect searches – generate an estimated US$2bn (~£1.05bn~€1.54bn) in revenue a year.
The report suggests that a huge number of consumer computers are infested by some form of spyware, with their SpyAudit software revealing that 88 per cent of scans found some form of unwanted program (Trojan, system monitor, cookie or adware) on consumer computers.
Based on their scans from the first quarter of 2005, the vast majority of corporate PCs (87 per cent) were also found to have undesirable programs or cookies lurking within.
Excluding cookies, more than 55 per cent of corporate PCs contained unwanted programs, with infested consumer PCs crawling with an average of 7.2 non-cookie infections.
Dastardly system monitor programs (key loggers) were found in seven per cent of consumer and enterprise PCs scanned using Webroot’s software, down from 19 per cent in Q4 2004.
Lallygagging trojan horse programs were found on 19 per cent of consumer PCs and seven per cent of enterprise PCs, a figure unchanged from Q4 2004.
“To combat spyware effectively, the anti-spyware industry must be fully informed about the origins of spyware, its growth path and the impact it has on consumers and businesses,” warned David Moll, CEO at Webroot.
“Our previous Quarterly SpyAudit Reports have provided a numerical analysis of spyware’s growth, but our industry has been lacking a comprehensive resource that fully documents the spyware threat. The State of Spyware Report fills that void and delivers the most in-depth, expansive review and analysis of spyware to date.”
Webroot’s data comes from an analysis of stats from Webroot’s consumer and corporate SpyAudit tools and from online research conducted by Webroot’s automated spyware research system, Phileas.
Although most spyware is associated with flesh-tastic porno sites and deeply dodgy warez sites, Phileas recognised 4,294 sites (with almost 90,000 pages) containing some form of steeenkin’ spyware.
Here’s the science: Webroot reached their figure for the value of the spyware market by multiplying the average number of pieces of adware per machines (4.38, they say) by the number of active users on the net (290m – according to Nielsen Netratings) times the value of each adware installation per year – US$2.25 (~£1.18~€1.73), a figure derived Claria’s filing that it made US$90m (~£47.3m~€69.5m) a year from 40m “users”.
Although these figures seem disturbing, many industry eyebrows have arced skywards at Webroot’s figures, with an article in Techdirt suggesting that the company might be trying to pump up its own value by exaggerating the threat.
The scathing piece points out that Webroot is using a highly controversial method of including “mostly harmless tracking cookies” and lumping them in with spyware to boost the apparent size of the market.