First introduced in beta in April, Panda Cloud Antivirus graduates to a stable, public release and signifies a major security vendor taking aim at the freeware competition--instead of the other way around. Cloud Antivirus was notable on its beta release for being one of the few security options available to users that contained most of its protections in the cloud. This allowed it to protect users while consuming significantly fewer resources than many competing programs.
Panda Cloud Antivirus 1.0 is notable as a free security solution for two reasons: Panda is a reputable security vendor, and the program achieves its goal of freeing up system resources. In a press release, Panda Security CEO Juan Santana described Cloud Antivirus as a game-changer. It's not clear quite yet that that's the case, but at the very least the program looks to fill a niche created by resource-conscious netbooks.
As light on resources as advertised, Cloud Antivirus offers strong reputation-based protection for those who want their security program out of sight and out of mind. A third-party efficacy evaluation wasn't available at the time of writing, but in empirical testing the program only used 9 MB of RAM while idle, and only 56 MB of RAM when scanning. Many other security programs will run scans at 150 MB of RAM or more.
Despite keeping most of its database in the cloud, Panda Security's Senior Research Advisor, Pedro Bustamante, noted during an interview in October that Cloud Antivirus isn't disabled just because the host computer is disconnected from the Internet. "Panda has an offline mode that uses a small cached copy of Collective Intelligence on your local drive, it's only the most recent threats on a real time wild list." Collective Intelligence is the name that Panda gave its cloud system when it was introduced in 2007.
When you open Cloud Antivirus, the main window lets you know whether you're safe or not with a big red or green icon. Cloud Antivirus works as other antivirus solutions do, offering a Quick Scan and a Custom scan for specific folder, files, and drives, but its ancillary features are exceptionally light. The Quick Scan took 13 minutes on my Windows 7 Lenovo T400 laptop.
Dragging an active Cloud Antivirus window, in Windows 7 at least, will turn it translucent.
(Credit: Screenshot by Seth Rosenblatt/CNET)You can opt out of contributing anonymous data to the cloud, but that also opts you out of automatic threat management. There's a network connection proxy option should you need it, and a reporting feature that will show you what kind of threats have been detected and removed from your computer. You can filter the report by All, Last 24 hours, Last Week, or Last Month, and there's a Recycle Bin pane from which you can recover a false positive, should you need it. Unfortunately, the Recycle Bin is hidden behind an obnoxious "flipping" screen that cheesily rotates when you need to access it.
If you're familiar with the minimalist Microsoft Security Essentials, Cloud Antivirus is even simpler. I did notice some odd interface rendering around the minimize and close buttons in Windows XP, but not in Windows 7. There are other more serious concerns about the program. Most notably, it lacks a scheduler, and it removes user input from update functions. Scans are also limited: you can tell the program what to scan, but not what to look for, so forget about toggling heuristics or rootkits. Then again, the point of this kind of security is that it's all wrapped into one.
Keeping in mind its limited feature set, and that we don't have efficacy numbers at the time of reviewing, Panda Cloud Antivirus makes good security choice for those willing to take the plunge.
A rise in malware has caused the number of infected PCs worldwide to increase 15 percent just from August to September, says a report released Tuesday from antivirus vendor Panda Security.
Across the globe, the average number of PCs hit by malware now stands around 59 percent, an all-time high for the year. Among 29 countries tracked, the U.S. ranked ninth with slightly more than 58 percent of its PCs infected. Taiwan hit first place with an infection ratio of 69 percent, while Norway came in lowest with only 39 percent of its PCs attacked by malware.
(Credit:
Panda Security)
The study found that in the U.S., Trojans and Adware were the two most pernicious types of malware, followed by worms and viruses.
(Credit:
Panda Security)
"This is a clear sign that hackers are becoming more and more sophisticated," said PandaLabs Technical Director Luis Corrons. "Cybercriminals have found news ways to spread their creations, frequently exploiting the latest news stories to launch attacks through social networks, videos, and e-mail. The huge amount of Trojans in circulation is due to the spectacular increase in the number of banker Trojans aimed at stealing user data."
The company based its results on data taken from users who scanned their PCs with the free Panda ActiveScan online tool. The results for September were gathered from August 28 to September 28 and compared with the results from July 28 to August 27.
Malware posing as antivirus software is spreading fast with tens of millions of computers infected each month, according to a report to be released on Wednesday from PandaLabs.
PandaLabs found 1,000 samples of fake antivirus software in the first quarter of 2008. In a year, that number had grown to 111,000. And in the second quarter of 2009, it reached 374,000, Luis Corrons, technical director of PandaLabs said in a recent interview.
"We've created a specific team to deal with this," he said, of the rogue antivirus software that issues false warnings of infections in order to get people to pay for software they don't need. The programs also typically download a Trojan or other malware.
PandaLabs found that 3 percent to 5 percent of all the people who scanned their PCs with Panda antivirus software were infected. Using that and worldwide computer stats from Forrester, PandaLabs estimates there could be as many as 35 million computers infected per month with rogue antivirus programs.
About 3 percent of the people who see the fake warnings fall for it, forking over $50 for an annual license or $80 for a lifetime license, according to Corrons.
Last September, a hacker was able to infiltrate rogue antivirus maker Baka Software and discovered that in one period an affiliate made more than $80,000 in about a week, said Sean-Paul Correll, a PandaLabs threat researcher.
A Finjan report from March estimated that fake antivirus distributors can make more than $10,000 a day.
"The general consumer doesn't understand" the threat, Correll said. "No legitimate antivirus vendor will start a scan automatically on your computer without your consent."
After all the hoopla about the Conficker threat, researchers seemed almost relieved that it turned out to distribute fake antivirus software instead of something much worse.
Updated June 5 10:50 a.m. PST to clarify that scammers were blending their tweets in with legitimate tweets on an already popular PhishTube topic.
Online scammers are targeting people looking for popular topics on Twitter and Google to lure them to Web sites that display fake security warnings and try to sell them antivirus products, PandaLabs said on Wednesday.
This technique isn't new, but seems to be widening on Google and is particularly successful on Twitter where links are spread fast and furiously and people often don't think before they click.
Scammers took advantage of the popularity of "PhishTube Broadcast" on Twitter in order to spread links to sites with fake antivirus malware.
(Credit: PandaLabs)In the Twitter scam, hundreds of fake accounts have been posting tweets that reference the band Phish, which has a cult-like following, according to a PandaLabs blog.
There were so many of the tweets, which say "PhishTube Broadcast," that the term showed up in the Trending Topics list. While there were many legitimate tweets for that topic, scammers posted tweets that contained links that eventually lead to spoof porn pages that infect victims with the fake antivirus malware if they click anywhere on the page, PandaLabs said.
PandaLabs researchers also discovered links to malicious Web sites high up in searches on Google for "Microsoft" and its "Project Natal" gaming technology. The malicious sites display fake messages saying the computer is infected with viruses and offer to sell antivirus software.
The researchers then tried other popular searches and found 16,000 malicious links targeting "YouTube," 10,500 targeting "France" and "airline crash" and thousands of others targeting people searching on "E3," "Sony," and "Eminem" with "MTV Awards" or "Bruno," according to another PandaLabs blog post.
Cybercriminals have moved on from search engine optimization techniques and are now creating fake search sites designed solely to direct Web surfers to pages hosting malware, Panda Security warned on Wednesday.
Previously, attackers resorted to sending e-mails with malicious code in attachments and with links to malicious Web sites and took measures to push those Web sites higher in search engine rankings. Now, they're also creating fake search engines that are showing up in Google search results, according to a PandaLabs blog posting.
When people use the engines to search for popular terms, like "flu statistics," the results displayed redirect to porn sites that purport to show video but require the visitor to install what they say is the latest version of a video player but which instead is malware, the post said. Searching on the fake search engines for security topics leads to fake antivirus sites, PandaLabs said.
One of the fake search engines has received about 195,000 visits, according to the post.
Web surfers should use reputable search sites to protect themselves, PandaLabs recommends.
This screenshot shows results on a fake search engine that redirects visitors to sites hosting malware, according to PandaLabs.
(Credit: PandaLabs)
By pushing as much resource usage as possible into the clouds, Panda Security's new Cloud Antivirus aims to free up the RAM hogging that plagues many security programs. However, testing the new beta revealed slower-than-anticipated scan speeds when doing an on-demand full hard drive scan. Panda's got a solution that might help some users: turn off logging while running the scan.
Cloud Antivirus splits the usual scanning process into three separate processes. The OnAccess Scan detects executing threats, the OnPrefetch Scan detects non-executing threats that are likely to run in the future, and the OnBackground Scan checks all local files when the computer is idle. Because of the way that the scans utilize idle CPU time, the background scan could still be logging when you start an on-demand scan.
The solution is to deactivate the logging feature when you're running a heavy-duty, system-wide scan. This is risky if you forget to turn it back on after you're done, and highlights the lack of advanced options available through the interface. "It's something we're aware of and still fine-tuning," said Pedro Bustamante, senior research adviser at Panda Security, in an e-mail.
Deactivating the advanced logging works, although users shouldn't expect dramatic changes. Scan times increased from 45 percent completed in 30 minutes to 45 percent done in 25 minutes. To toggle the log, download the two Registry keys found at the top of this blog post. Double-click on LoggingOff.reg and reboot your computer to turn off the log, then when you're finished double-click on LoggingOn.reg and reboot to re-activate it. I strongly recommend reading the entire post, though. Bustamante has included a lot of information on how Cloud Antivirus works. The known problems blog post is also worth looking at.
If you do try this Registry tweak out, post your results in the comments below.
Earlier Wednesday, Panda Security introduced Cloud Antivirus beta, the first full-featured cloud-based antivirus program. It does two things that make it competitive and unique compared with its competitors that are tied to your desktop: it prioritizes threats based on type, and it attempts to lighten the load that security programs place on your system resources by moving definition files to a community-based cloud.
Panda Cloud Antivirus and its system resource usage as it performs a scan.
(Credit: Screenshot by Seth Rosenblatt/CNET)The big concern about a cloud-based antivirus is performance, and Cloud Antivirus handled itself decently enough--although it's not a record-setter. On a ThinkPad T42 with a 1.7 GHz Pentium M chip, 1.5 GB RAM, and running Windows XP SP2, Cloud Antivirus used about 23 MB of RAM when idle.
When running a scan, the scan client ate around 40 MB, but the main client jumped to around 32 MB. The scan also took a long time, with only 45 percent of the computer scanned in more than 30 minutes. Pausing the scan client dropped the usage rate from 40 MB to 2 MB.
If you install the program, you can find it listed in your task manager under PSANHost and PSUNMain. There was no noticeable lag when loading programs such as Firefox or MS Word, no browsing the Web. Granted, these tests are empirical and casual, but they bode well for future use by the average consumer.
In February of this year, Panda received higher scores than before for its antivirus detection abilities and lower false positives than in previous years from AV-Test.org.
The program uses a minimalist design to emphasize its features. Cloud Antivirus runs as a panda icon in your system tray. Double-click to open the main screen, which sports a dark theme with translucent borders. The entire window goes translucent when you drag it.
Your security status will appear first, with a large icon and font size telling you whether you're in trouble. Somewhat counter-intuitively, the status tab is on the right side of the window. Moving from right to left, the tabs use icons to identify their features. A bar chart represents the Report tab, a magnifying glass for the Scan tab, and a gear wheel for the Settings. A hard-to-see turned-corner arrow lives in the bottom-right corner of the pane. Click it, and it takes you to the "neutralized" window--basically, it's the quarantine. The arrow then moves to the lower left corner, which you need to click again to get back to the main tabbed window.
The layout isn't hard to follow, but users will have to do some exploring since there's no mouse-over labels to help here.
The Settings tab hides proxy settings and a toggle for Panda's proprietary Collective Intelligence cloud network. Turn it off, and one of the program's most powerful features goes away. You'll still get cloud-based definition updates, but you won't be contributing to the community that's keeping you safe. The Scan tab has two options: to scan your entire computer, or to scan selected files or folders from your desktop. The Reports tab lets you see the results not only of your last scan, but also of scans from the past 24 hours, previous week, and past month.
Panda Cloud Antivirus looks like a move that could have long-reaching effects for consumer security, showing that just because your protection is based in the clouds doesn't mean your head is lodged in them.
Clarification made April 30 at 12:40 p.m.: This story initially contained a typo, inadvertently giving the wrong measurement of RAM on the ThinkPad we used for our testing. It has 1.5 GB of RAM. Thanks go to several readers for pointing out the error in TalkBack.
With threats like Conficker fresh in the public's mind, security remains a top concern for Windows users. Panda Security, publishers of Panda Internet Security and Panda Antivirus, is set to take antivirus where it hasn't been yet: into the clouds. Panda Cloud Antivirus beta bets that nearly three years of development can pay off into a better protection system for users. To that end, Panda's willing to make the client free for personal use--even after it leaves beta testing.
Panda Cloud Antivirus offers on-demand scanning.
(Credit: Panda Security)You can also download the program from CNET Download.com.
The program uses Panda's proprietary cloud computing technology, which they call Collective Intelligence, to detect viruses, malware, rootkits, and heuristics. It takes advantage of "millions of users," according to Panda, to identify new malware almost in real time. Panda says that Collective Intelligence can classify new malware in under six minutes, and that it handles more than 50,000 new samples per day. The Cloud Antivirus works by classifying threats into executables that must be scanned immediately, and non-executables that are checked at a lower priority--usually when the computer is idle.
In exchange for using consumer data to build the Collective Intelligence database, Panda decided to offer the Panda Cloud Antivirus for free, said Pedro Bustamante, senior research adviser at Panda Security.
Panda Cloud Antivirus appears to be able to handle a wide range of threats.
(Credit: Panda Security)The new program reportedly takes up around 50 MB on the hard drive and eats around 17 MB of RAM when in use. That compares well against the industry average that Panda provided of 60 MB, and Bustamante said that they're aiming for 12 MB of RAM when in use.
Cloud computing may make sense from a system resources point of view, but what happens to system security when the computer isn't connected to the Internet? "The model we've implemented is to break down the traditional antivirus to client and server, so when the user is not connected they keep a local cache copy of Collective Intelligence, including detections for what Collective Intelligence sees is spreading through the community," he said.
Panda Cloud Antivirus is for Windows XP and Windows Vista, with planned support for Windows 7 when it's released. Bustamante added that it will stay in beta as it's being accepted by users, although they hope it will leave beta by the end of this summer.
More than 10 million Internet users worldwide were hit with identity fraud-related malware last year, according to a new estimate from Panda Security.
The number of computers infected with active programs designed to steal personally identifiable or financial information that can be used for identity fraud, such as banker Trojans for stealing bank account information, rose by 800 percent from the first half of the year to the second half, the study found.
Of the 67 million computers that PandaLabs analyzed in 2008 for the study, 35 percent of those infected had up-to-date antivirus software installed. The number of users who have been actively exposed to identity fraud malware is about 1 percent of the worldwide population of Internet users, according to the study.
The researchers predict that the infection rate will increase by 336 percent per month throughout this year, based on the trend of the previous 14 months.
Researchers predict that the infection rate will increase by 336 percent per month throughout this year.
(Credit: Panda Security)
(Credit:
Disney)
Teens and young adults interested in downloading High School Musical-related music and video on peer-to-peer networks should be wary of malware, warns Panda Security.
While this may be obvious to older computer uses, younger users may not yet have experience with the social engineering used by malware writers, the security vendor said Friday in a press release.
Social engineering is not new, of course, and its creators are constantly trying new ways to hook people in. The day after the U.S. presidential election, for example, there was a wave of Barack Obama-related video links that attempted to download malware as well.
If a person opens a High School Musical-themed video or song on any peer-to-peer network such as eMule or eDonkey, his or her computer may be infected with infected by VB.ADQ, the Agent.KGR Trojan, the adware Koolbar, or another strain of malicious code.
Panda recommends being cautious when downloading files. In particular, notice the file extension. Many of the malicious files have the extension ".exe," but that is rarely the case with a legitimate music or video file.
