If it feels like threats are snowballing out there, it’s not your gut deceiving you: malware creation has broken all records during the first quarter of the year, with a figure of more than 15 million new samples appearing for the period, and more than 160,000 new samples appearing every day.
Panda Security’s PandaLabs quarterly report for Q1 2014 has concluded that trojans are still the most abundant type of new malware, accounting for 71.85% of new samples created during Q1. Trojans are followed by worms, at 12.25%, and viruses, at 10.45%.
So far in 2014, trojans are still the malware most commonly used by cybercriminals to infect users. According to data from PandaLabs, four out of five infections around the world were caused by trojans, which translates to 79.90% of the total. Viruses are in second place, accounting for 6.71% of infections, followed by worms, with a ratio of 6.06%.
Unsurprisingly, in the area of mobile devices, there have been increasing attacks on Android environments. The firm noted that many of these involve subscribing users to premium-rate SMS services without the victims’ knowledge, both through Google Play as well as ads on Facebook, using WhatsApp as bait.
Malware is also becoming more successful: During the first three months of the year there have been some of the biggest data thefts since the creation of the internet. For instance, credit ratings agency Korean Credit Bureau was the victim of a cyber-attack that resulted in the theft of personal financial information from 105.8 million banking accounts. The stolen information included credit card numbers, names, phone numbers, home and email addresses and even passport numbers. If you take into account the fact that South Koreans on average have five credit cards, it means that at least 21 million users may have fallen victim to the attack, approximately 42% of the country’s total population. There were less mammoth but still significant incidents as well: Orange for instance reported a hack that resulted in 800,000 customer records being compromised.
Meanwhile, as expected, Cryptolocker, the malicious file-encrypting ransomware which demands a ransom to unblock files, has continued to claim victims. One of its many victims was Goodson’s law firm in North Carolina (USA), which admitted that every legal file on one of its main servers had fallen prey to the malware. But the quarter also saw several CryptoLocker-esque variants, which have popped up on underground forums and in the wild. These include CryptoClone and CryptoLocker 2.0, which have added functionality to officially make them self-replicating worms for greater possible damage.
“Incidents like this highlight once again the importance of backup policies in business environments, as the damage done by data breaches such as this would be clearly mitigated with a backup copy that allowed organizations to restore their information easily,” PandaLabs pointed out in the report.
The global infection rate during the first three months of 2014 was 32.77%. China is once again the country with most infections, with a rate of 52.36%, followed by Turkey (43.59%) and Peru (42.14%). Although Spain is not in the top 10 of the ranking, PandaLabs noted that it is still above the global average with 33.57%.
European countries ranked high among the least infected countries, with the best figures coming from Sweden (21.03%), Norway (21.14%) and Germany (24.18%). Japan, with a ratio of 24.21%, was the only non-European country in the top 10 least infected.