Friday, July 18, 2014


Hass & Associates Online Reviews on Malware Poisons One-Third of World's Computers

Posted in , ,
Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group.

Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, the report estimates.

The increase in infected computers has come hand-in-hand with a jump in the appearance of malware samples, said Luis Corrons, technical director of PandaLabs, the research arm of Panda Security, one of the sponsors of the APWG report.

"The creation of malware samples is skyrocketing," Corrons told TechNewsWorld. "It has doubled from the last quarter to the first quarter of this year."

In the last quarter of 2013, some 80,000 malware samples a day were discovered by Panda researchers. In the first quarter of 2014, that number jumped to 160,000.

Hiding in Numbers

By far, most of the new malware strains (71.85 percent) and malware infections (79.70 percent) are Trojans. Less than a quarter of new malware strains (22.70 percent) and malware infections (12.77 percent) are viruses and worms.

"At the end of the day, malware is created to steal information," Carrons explained. "Trojans are the most suitable malware to do that."

The primary motivation behind creating so many new malware strains is to avoid detection by antivirus programs. Those programs use signatures to identify malicious software. Since each new bad app strain contains a new signature, constantly introducing new strains extends the time a malicious app can remain virulent.

"In the old days, they might be able to infect 1,000 users with a Trojan," Corrons said. "It was easy for antivirus to catch that. Now you'll have 1,000 users infected with 1,000 different Trojans."

The number of phishing sites in the world increased quarter-over-quarter by 10.7 percent, from 111,773 to 125,215 -- the largest site total for a quarter seen since 2012, the APWG report noted.

A slight uptick in brands targeted by phishers also was spotted by APWG researchers -- from 525 in the fourth quarter of 2013 to 557 in the first quarter of this year.

The Dragonfly Campaign

An international gang of hackers has been surreptitiously planting Remote Access Trojans on the systems of energy companies in Spain, the United States, Japan, France, Italy and Germany, security researchers and CERT's ICS team revealed last week.

The campaign, called "Dragonfly" by Symantec, could pose grave risks to a nation's energy infrastructure.

"Depending on how deep the attackers can get into the energy infrastructure, the damage could be great," Adam Kujawa, head of malware intelligence at Malwarebytes, told TechNewsWorld.

"Intelligence gained from cyberespionage could be very useful in the right hands -- and if passwords, IP addresses and user names have been pulled from infected systems, that could allow attackers onto more secure networks and obtain direct control of energy resources," he said. "The damage done would be very serious."

Dragonfly is a painful reminder of a dilemma every nation is facing.

"There is a nasty convergence happening as we speak: Our lives are getting ever more dependent on reliable and available energy, but at the same time, the infrastructure of energy companies is getting more complicated," RedSeal Networks CTO Mike Lloyd told TechNewsWorld.

"This complexity adds weakness and multiplies the pathways attackers can exploit," he added.