"The most important changes in the malware world [in 2004] include the criminalization of the Internet with malicious code writers and hackers migrating to the creation of bot networks to support spammers."

With these words, four security experts associated with Moscow-based Kaspersky Labs reviewed 2004, a year which saw the recent arrest of a Russian phisher in Boston (he was charged with multiple counts of fraud, identity theft and the use of credit card scanning devices).

The experts - Eugene Kaspersky, David Emm, Aleks Gostev, and Marc Blanchard - end their report on 2004 by emphasizing this aspect of the battle against malware: the "significant" number of arrests of malicious code writers. In February, the Belgian virus writer Gigabyte was arrested. In May, two virus writers were arrested in Germany.

"The first was Sven Jaschen," they write, "who admitted to writing Sasser and some Netsky variants. A second coder was arrested for creating the numerous Agobot/Phatbot worm families. These arrests followed the announcement by Microsoft of bounties for information leading to the arrest of virus writers. In July, a Hungarian teenager, 'Laszlo K', was found guilty of distributing the Magold.a worm that became widespread in Hungary during May 2003. He was sentenced to two years probation and ordered to pay court costs of $2,400. In the same month, a computer engineer from Taiwan was arrested and tried in Spain for distribution of the Cabrotor Trojan: Oscar Lopez Hinarejos was sentenced to two years in prison. There were other arrests in the same month In Taiwan, Canada and Romania. In August, Jeffrey Lee Parson, a teenager from Minnesota, pleaded guilty to damaging computers by creating the Lovesan.b worm."

The fast spread of viruses and worms during the last few years has clearly demonstrated the global nature of the threat. Increasingly, however, law enforcement is becoming a global phenomenon, with government authorities from various countries collaborating to bring to justice malicious coders.

One example of how successful such joint operations can be, the writers note, is the arrest of 28 people in October in connection with identity theft in six countries. The operation involved the US Secret Service, the UK National Hi-Tech Crime Unit, the Vancouver Police Department's Financial Crimes Section [Canada], the Royal Mounted Police [Canada], Europol and police agencies in Belarus, Poland, Sweden, The Netherlands and Ukraine.

A separate list of the top 10 threats in 2004 - from McAfee - says they all fell into one of the following key areas: spyware/adware threats, email-borne virus threats, and malware threats delivered by spam.

Santa Clara, CA-based McAfee Security listed them in alphabetical order as follows: