Malicious code targeting confidential information held on desktops is on the rise, according to the latest Internet Security Threat Report from Symantec.

During the first half of 2005, malicious code that exposed confidential information represented 74 per cent of the top 50 malicious code samples reported to Symantec, up from 54 per cent in the previous six months.

Such threats focus on the theft of funds, particularly when credit card information or banking details are exposed, and are more prevalent due to increased online shopping and internet banking.

Symantec explained that criminals are even renting the computer code needed to run malicious attacks on so-called bot networks, hijacked computers used surreptitiously by hackers.

"Attackers are moving away from large, multipurpose attacks on network perimeters towards smaller, more targeted attacks directed at web and client-side applications," said Arthur Wong, vice president of Symantec's Security Response and Managed Security Services.

The firm observed an average of 10,352 active bot network computers per day, an increase of more than 140 per cent on the previous reporting period's 4,348.

Symantec also reported a rise in modular malicious code that has limited functionality initially, but then downloads additional functionality once a system has been infected.

This shift is significant as it indicates that attackers may be attempting to avoid detection and to compromise systems further by opening back doors or visiting websites where further malicious code can be retrieved and placed on the target system.

In line with previous reports Symantec also found that phishing attacks are continuing to proliferate. The volume of phishing messages grew from an average of 2.99 million a day six months ago to 5.70 million today.