Image: Michael Kirkham/Heart

Internet users are being warned to stay vigilant by researchers who believe that next Monday could be the worst day the year for computer attacks.

After analysing information on viruses and internet worms taken from more than 500,000 machines around the world, security experts at PC Tools have pinpointed November 24 as the potential peak of malicious software activity for 2008.

Data from 2007 showed that the high point of action from viruses, worms and other internet-based attacks came three days before America’s Thanksgiving holiday, leading them to suggest that the same day could prove the bleakest 24 hours of this year.

The company says the increase in virus activity could be the result of internet shopping in the run-up to Christmas, as millions of users begin going online to purchase gifts for their friends and family.

With the chance for criminals to access financial details, online shoppers make an attractive target for the writers of malware.

The number of people shopping online this Christmas is expected to grow again this year, with internet sales in the UK alone predicted to hit £13.16bn – an increase of 15% over 2007.

More people are expected to use the web for their shopping as a way of finding lower prices to help them beat the credit crunch.

But while security experts are expecting the traditional increase of malware over November and December, they have also warned of another source of potential attacks. Spammers and criminals have attempted to use the popularity of American president-elect Barack Obama as a way to trick users into downloading malware.

A flood of emails purporting to link to a video of Obama’s acceptance speech were actually connected to a trojan horse program which would compromise the target’s PC. Meanwhile, a separate burst of spam messages contained a file called BarackObama.exe, which, when activated, places a rootkit on the victim’s machine and opens it up to hackers around the world.

Update on Pentagon Hacking Incident

Chinese Military Hacks Pentagon’s computer system

Did you know that you can buy a keystroke logger for $23 or pay $10 to have someone host your phishing scam? Having a botnet at your fingertips will cost you $225, and a tool that exploits a vulnerability on a banking site averages $740 and runs as high as $3,000.

That’s according to the Symantec Report on the Internet Underground Economy due to be released Monday.

Symantec researchers spent a year observing the chat among cybercriminals on IRC channels and forums on the Internet between July 1, 2007 and June 30, 2008 and were able to piece together a veritable menu of malicious code, as well as dig up detailed information on the exchange of highly prized financial information.

For example, credit card information accounted for more than 30 percent of all of the types of goods and services sold and was the most requested category. Bank account credentials were the most commonly advertised thing for sale on underground economy servers monitored by Symantec, with prices ranging from $10 to $1,000 depending on the balance and location of the account.

This is a lucrative business, Symantec has discovered. If the sellers were able to sell everything they were offering, the amount would reach more than $275 million. That represents just the sales amount. Factoring in the emptying of victims’ accounts and maxing out credit cards, the potential worth of credit card information and bank credentials for sale would be $7 billion, the report estimates.

The report also studied trends in software piracy, with researchers monitoring those sales between July and September of this year. The most pirated software was found to be desktop games, followed by utility applications and then multimedia software, such as photo editors, 3D animation, and HTML editors.

There is some interesting geographical data as well. Most of the people uploading pirated software to be sold were in the United States, the report found. The U.S. was home to most of the underground economy servers (41 percent) followed by Romania (13 percent) and North America had the largest number of underground economy servers.

Meanwhile, cybercriminals in Russia and Eastern Europe appear to be more organized than their counterparts in the North America who are “often made up of acquaintances who have met in online forums and/or IRC channels,” the report says.

This table shows the sales price and estimated value of pirated software sold on underground economy servers monitored by Symantec.

(Credit: Symantec)