PandaLabs' Quarterly Report: July-September 2013

PandaLabs' Quarterly Report: July-September 2013
PandaLabs' Quarterly Report: July-September 2013

PandaLabs reports that in the first 9 months of 2013 there have already been more new malware strains detected than in the whole of 2012: "PandaLabs cataloged nearly 10 million new malware strains from July to September." Of that ten million, 76.85% were trojans, 13.12% were worms, and 9.23% were viruses.

Trojans were also the most successfully deployed malware: 78% of detected infections involved trojans, 6.63% involved viruses, and 5.67% involved worms. China remains the most infected country, setting a new high with a 59.36% infection rate. Turkey, Peru and Russia, in that order, are the next most infected countries; while Canada (an infection rate of 33.85%) also sneaks into the top ten.

Europe continues to have the lowest infection rates: Netherlands (19.19%), UK (20.35%) and Germany (20.60%) being the least infected countries in the world.

One of the most disturbing elements of the quarter was the evolution of the 'police virus' into CryptoLocker. "Even though this type of attack is nothing new, this new ransomware has some unique characteristics that have made it a success for its creators," says PandaLabs. These characteristics include encrypting users' valuable files (photos, videos, text documents, etc); encrypting not just the local hard drive but also files on every network drive the infected user can access, and using strong encryption with a unique key. If the victim refuses to pay the ransom, the key is, say the criminals, destroyed so that the victim can never regain the files.

In the mobile market, says the report, "Android is in the crosshairs of cyber-criminals for a simple reason: it is extremely popular." Android remains the most-attacked mobile platform despite Google's claim that "less than 0.001% of app installations on Android are able to evade the system's multi-layered defenses and cause harm to users." Statistics may indicate otherwise, suggests PandaLabs.

Apart from the continuing growth in trojans and the emergence of CryptoLocker, PandaLabs selects two items of particular interest. One, unsurprisingly, has been the Snowden revelations. "The United States has taken the spotlight off China due to the espionage scandal uncovered by Edward Snowden, and everything seems to indicate that there will be more revelations about other NSA surveillance programs to indiscriminately spy on users, companies and governments around the world," it says.

The second is the growth in DNS poisoning attacks, as used by the Syrian Electronic Army against both the New York Times and Twitter. Furthermore, "Several large websites hosted in Malaysia fell victim to this type of attack, including the local websites of companies such as Google, Microsoft or Kaspersky," says the report. "DNS cache poisoning attacks have been on the rise and may become one of the prevalent trends for the next few months."

What’s hot on Infosecurity Magazine?