However, Cisco says, the Trojan does not; it remains and could be reactivated. Separate from the Cisco report, some victims of the exploit report that unauthorized charges appeared on their credit cards after using them to buy the anti-virus software.

Cisco says it perceives cooperation among the security community as increasingly effective in fighting attacks. "One bright spot is that vulnerability and that activity has been off to a slower start this year compared to 2008," the report says. "This could indicate the security community is succeeding in making it more difficult for attacks to take root and grow."

Web sites that are infected to download malware to unsuspecting visitors will increase, the report predicts. These sites represent nearly 90% of all Web-based threats, the report says. Creation of botnets will be a particular goal of this type of malware, it says.

The report recommends that businesses maintain patches to fend off attacks. Educating employees about protecting their own identities and upholding corporate security policies is essential. At the same time, security executives should realize that insiders pose a great threat, especially when layoffs are threatened. Even those surviving layoffs employees may become disgruntled and try to steal data or disrupt corporate networks, the report says.