Kaspersky: 2012 saw billions of new attacks, especially Mac, Android

According to its annual Kaspersky Security Bulletin, which provides overall malware and cyber-threat statistics for 2012, there has in particular been significant growth of Mac-specific malware and an explosive growth in the number of threats targeting the Android platform. An increase in threats also means that the UK has been upgraded to the ‘high risk group’ of countries, based on the number of blocked web attacks and local malicious files.

“What 2012 has shown is the strong inclination of cybercriminals to steal data from all devices used by consumers and businesses, be it a PC, Mac, smartphone or tablet,” said Costin Raiu, director of the global research & analysis team at Kaspersky Lab. “This is one of the most important trends of 2012. We are also observing a strong increase in the overall number of threats, affecting all popular software environments.”

 He pointed out that the beginning of 2012 saw the discovery of Flashback, a 700,000 strong botnet comprised of infected Apple computers running Mac OS X. The significant outbreak was caused by a new variant of the Flashfake malware and the security incident put an end to the perception of the Mac OS X platform as being invulnerable to exploitation. In addition to mass-malware, Mac OS X computers also became frequent victims of targeted attacks.

“The main reason for this is that Apple products are popular with many influential politicians and prominent businessmen, and the information stored in the devices owned by these people is of interest to a certain category of cybercriminals,” Kaspersky said. “In total, Kaspersky Lab’s antivirus experts created 30% more signatures to detect various Mac Trojans in 2012 compared to 2011.”

Android malware meanwhile has established itself as a main point of interest for cybercriminals. “Although malicious programs for other mobile platforms, such as Symbian, Blackberry or J2ME, are still being developed, 99% of all newly discovered mobile malware targeted the Android platform,” noted the company. “Despite attempts by Google to introduce its own anti-malware technology, malicious applications continue to appear in the official Google Play store.”

In 2012 the first incident with an ambiguous app collecting the address book data and sending spam was recorded at Apple App Store as well. Just like traditional PCs, mobile devices are now targeted with high-profile cybercriminal operations, including targeted attacks and creating “mobile” botnets.

In 2012 Kaspersky Lab’s products blocked an average of more than 4 million browser-based attacks every day, with the total number web-based attacks surpassing 1.5 billion for the year. The most frequently used technique for attacking users online is exploiting vulnerabilities in programs or applications. Throughout the year Kaspersky Lab’s experts registered both large-scale and targeted attacks utilizing vulnerable software, it said, with Oracle Java being the most frequently targeted (50% of attacks). Adobe Reader ranked second (28%) and Adobe Flash player occupies the fourth place with only 2% share, thanks to efficient automatic updating system that promptly closes security holes.

 “In addition, some of the exploits actively used targeted older vulnerabilities that still existed in various Windows operating systems,” said Kaspersky. “One of the explanations for this is that older versions of Windows are still actively used. For example, share of computers with Windows XP in 2012 was 44%, compared to 63% in 2011 – not a significant drop given Windows 7 has been available for three years and Windows 8 was recently released this year.”

 Overall, more than 3 billion malware incidents were detected and blocked by Kaspersky Lab’s software on users’ local hard drives and external storage. In total, 2.7 million unique modifications of malware and potentially unwanted programs attempting to launch on users’ computers were detected during these incidents, it noted.