The number of malicious software programs vying to take up residence on unsuspecting computer users' hard drives has quadrupled in the past...

Share story

WASHINGTON — The number of malicious software programs vying to take up residence on unsuspecting computer users’ hard drives has quadrupled in the past two years, according to security experts.

The growth has set off alarms at security firms, which say identifying viruses has become more time-consuming and expensive.

About 5.5 million malicious software programs were unleashed on the Web last year, according to AV Test Labs, a German company that measures how quickly and accurately anti-virus products detect malicious software, also known as malware. That number has increased by four times since 2006 and by at least 15 times since 2005, according to the company.

“Back in 1990 we were seeing a handful of new viruses each week,” said David Perry, global director of education for Trend Micro, an anti-virus company in Japan. “Now, we’re having to analyze between 2,000 and 3,000 new viruses per hour.”

Much of the malware harvests financial and personal data, which is sold to groups that turn the information into cash through identity fraud. Cybercriminals also use infected machines to anonymously attack others, relay junk e-mail or host fraudulent Web sites advertised through spam.

The proliferation of viruses and other malware has forced the anti-virus industry to change how it writes software and to make its products far more powerful.

“A lot of these shops are now hiring professionals and doing quality-assurance work … ,” said Randy Abrams, technical-education director at ESET, an anti-virus firm in Slovakia.

Malware writers are taking steps to ensure computers infected with their creations stay infected, according to researchers. In the past, no matter how quickly an anti-virus product shipped updates to detect the malware, most anti-virus software would eventually sound the alarm if a virus managed to slip past.

But more of today’s cybercriminals are continuously updating the malware they install on victims’ computers, replacing older malicious files with new ones to keep them hidden.