Researchers at Panda Labs found that of the roughly 37,000 new malware samples the company collects each day, only 48 per cent are still active and targeting users after 24 hours.
The reason behind the high turnover, according to Panda Labs, is to avoid detection. The company said that many malware samples are frequently modified and re-deployed so that security software cannot detect and remove the code from infected machines.
"This is a never-ending race which, unfortunately, the hackers are still winning," said Panda Labs technical director Luis Corrons.
"We have to wait until we get hold of the malware they have created to be able to analyse, classify and combat it. In this race, vendors that work with traditional, manual analysis techniques are too slow to vaccinate clients, as the distribution and infection span is very short."
The company also noted that the high turnover rate could also explain the explosion in new malware detections over recent years.
Panda said that security researchers have catalogued some ten million new samples over the last year-and-a-half. By comparison, the total malware volume between 1990 and 2008 was said be around 20 million.
The explosive growth in malware has also prompted vendors to change their practices. Many vendors have begun to complement signature-based detection with behaviour-based 'heuristics' tactics. Companies have also begun to look to cloud computing and web services to provide more consistent updates.