PandaLabs, Panda Security’s dedicated detection laboratory, draws attention to the record increase in the creation of new malware samples in its latest Quarterly Report for the second quarter of 2015. The malware detected has been created to infect both businesses and users alike.
In the second quarter of 2015 alone there were an average of 230,000 new malware samples created, which means a total of 21 million new types in these three months. Compared to the same period last year, where there were 160,000 registered samples, there has been an increase of 43%.
This large number of samples is, for the most part, mutations of already known malware. This way, cybercriminals try to stop the antivirus laboratories from detecting the infection.
As regards the types of malware, Trojans continue to be, by a large margin, the most common (71.16%) and are the main source of infection, with 76.25% of users infected by this malware. This quarter also saw the proliferation of PUPs (Potentially Unwanted Programs) which accounted for 14.39% of infections and placed just behind Trojans.
Cryptolocker, the big threat to businesses and users
Among the main threats that this study collected, the use of Cryptolocker to infect businesses and users was highlighted.
In the case of users, cybercriminals have begun to reuse an old technique to infect users, one which was first seen 20 years ago. It involved infecting users via a macros in Office documents, especially Word. To complete this attack, the criminals included a blurred image which could only been seen if the user activated the macros. Once the user does this, they are infected with Cryptolocker.
Businesses are also at risk from infection by Cryptolocker, such as the example of Ryanair, which lost 5 million dollars via a transfer to a Chinese bank. Other companies that have been victims of information thefts include CareFirst BlueCross BlueShield and the online dating site AdultFriendFinder.
“Cyber hackers are looking at businesses more and more as it is relatively easy for them to steal information”, affirms Luis Corrons, Technical Director of PandaLabs. “Sometimes it’s as simple as introducing a variant of Cryptolocker in a file that is sent to an employee and, once it’s opened, the security of the entire company is at risk”.
This quarter also saw attacks on mobile devices. One of the ways in which hackers have duped their victims is by WhatsApp. Called WhatsApp Trendy Blue. It passes itself off as a “new version” of the application with extra features when, in reality, the only thing it does is sign the user up to an expensive billing service.
In June, PandaLabs detected a phishing campaign directed at Android developers that published their creations on the Google Play store. The trick consisted of stealing password information in order to propagate malware via Google Play.
Asia and Latin America register the highest rates of infection
PandaLabs’ Quarterly Report also collected information on the rate of infection worldwide, according to computer’s protected by Panda’s software. The areas with the highest rate of infection were Asia and Latin America, which placed above the average of rate of infection (33.21%). China was the country with the highest rate of infection (47.53%), followed by Turkey (43.11%) and Peru (41.97%).
On the other end of the scale, Europe and Japan were the areas with the lowest rate of infection. Sweden (21.57%), Norway (22.22%), and Japan (23.57%) are the countries with the lowest infection rates worldwide.
However, some European countries recorded infection rates above the global average such as Spain (36.37%), Poland (38.48%), and Slovenia (38.05%), while in Latin America there were rates of 38.21% and 37.86% in Brazil and Colombia, respectively.
The complete report is available here.