|– This type of malware was also responsible for over a third of all infections between April and June. The Downloader.MDW Trojan was the most active strain of malware during this period.
– The malicious use of Twitter, the advance of BlackHat SEO techniques, and an in-depth study of the Waledac worm, are some of the other issues covered in the PandaLabs Quarterly Report
– The report can be downloaded from http://pandasecurity.lin3sdev.com/img/enc/Quarterly_Report_PandaLabs_Q2_2009.pdf
Trojans accounted for 70 percent of all new malware between April and June 2009, according to data compiled in the latest PandaLabs Quarterly Report.
One of the most notable findings of the report is the 6.25% drop in spyware, which now represents just 6.9% of all new malware. In contrast, adware rose dramatically over this period, from 7.54 percent in the previous quarter to 16.37 percent. This is largely due to the increase in fake antivirus applications, a type of adware that passes itself off as a legitimate security solution. As for worms, their percentage has also risen slightly, now accounting for 4.4 percent of all malware.
Trojans were also responsible for more infections than any other type of malware over this period. This type of malware was behind 34.37 percent of all infections detected by PandaLabs, an increase of 2.86 percent with respect to the previous quarter. Adware infection levels remained stable, accounting for 19.62 percent of the total. Worms increased slightly (0.89%), staying in the picture due largely to the effectiveness with which they spread.
Dialers, at 4.48%, stubbornly refused to disappear despite the overriding trend for broadband instead of dial-up connections.
In terms of specific strains of malware, the number one ranked specimen between April and June 2009 was Downloader.MDW, a Trojan designed to download other malware on to computers. The Virtumonde spyware and Rebooter.J Trojan were also among the malicious codes that caused most infections.
When broken down geographically, Taiwan continues to top the list with 33.63 percent of computers infected with active malware. Turkey and Poland come next, with just under 30 percent. Three Scandinavian countries, Sweden (14.2%), Norway (12.48%) and Finland (12.17%), are the countries with the lowest number of computers infected by active malware during the first half of 2009.
Malicious use of Twitter
A worm appeared in April which used a cross-site scripting technique to infect Twitter users when they visited the profiles of other infected users. It then infected the new user’s profile to continue propagating. New variants appeared, and finally the creator’s identity was revealed: one Mikey Mooney, who apparently wanted to attract users to a service competing with Twitter.
In early June, Twitter was the focus of other attacks, this time using different techniques, above all BlackHat SEO. Twitter has a feature called “Trending Topics”, which is a list of the most popular topics that appears in the interface of all Twitter users. When users select a topic through this feature, they will see all ‘tweets’ published related to this issue. In this case, malicious users were writing tweets about the topics listed in Twitter Trends with links to malicious Web pages from which malware was downloaded. The first attack focused on just one of the topics, but just a few days later the scope of the attack increased and all popular topics contained malicious links. When the actor David Carradine died, in just a few hours there were hundreds of malicious tweets, and the same occurred with other popular issues on Twitter.
The second anniversary of Collective Intelligence, a detailed analysis of the Waledac worm, trends regarding the sending of malware via spam and the evolution of BlackHat SEO techniques are just some of the other issues covered in the PandaLabs Quarterly Report.
You can download this report from: http://pandasecurity.lin3sdev.com/img/enc/Quarterly_Report_PandaLabs_Q2_2009.pdf
- Feed RSS for Press Release