Panda Security, The Cloud Security Company, has just published the results of its Quarterly Report for Q2 2013, drawn up by PandaLabs. One of the main conclusions that can be drawn from this global study is that malware creation reached record levels in the second quarter of the year. In this context, Trojans continued to account for most infections. Additionally, the report shows a worrying increase in malware targeting the Android platform, and discuses some of the major stories concerning cyber-war and cyber-espionage.
Trojans Are King
According to PandaLabs, Trojans continue to be the most popular threat, accounting for 77.2 percent of all new malware created and 79.70 percent of malware infections; that is, almost eight in ten users are infected with a Trojan. Another interesting fact is that the amount of new malware samples continues to rise. In the second quarter of 2013, 12 percent more malware was created than in the same period last year, and when the data for the first and second quarters of 2013 is taken together, the increase on 2012 reaches 17 percent.
In this respect, Trojans accounted for most new threats in circulation (77.20 percent), followed by worms (11.28 percent) and viruses (10.29 percent).
Analyzing all infections around the world, the numbers are similar to those for the new malware samples created: Trojans (79.70 percent), viruses (6.71 percent) and worms (6.06 percent).
“Cyber-criminals use Trojans as a key tool to infect users, continually introducing changes to avoid detection and in many cases, automating the process of changing the Trojan. They use scripts and special tools in order to change the binaries run on victims’ computers to evade the signature-based detection used by antivirus firms”, said Luis Corrons, technical director of PandaLabs.
The global infection ratio: 32,77%
In the second quarter of 2013, the global infection ratio was 32.77 percent, which was up on the first quarter (31.13 percent).
As for the data for individual countries, China once again topped the table (52.36 percent), followed by Turkey (43.59 percent) and Peru (42.14 percent).
On the other end of the spectrum, Europe continues to have the lowest infection rates. Sweden (21.03 percent), Norway (21.14 percent) and Germany (25.18 percent) are the countries with the lowest infection rates. The only non-European country in the Top Ten was Japan, in fourth place with 24.21 percent.
A Quarter Full of Attacks
The quarter started with good news when it emerged that police forces had arrested the cyber-gang leader responsible for the Caberp botnet: a Russian citizen (28) who, together with 20 other individuals, comprised a malware development team.
Despite this good news, cyber-criminal activity continued to increase. Cyber-criminals often try to exploit newsworthy events or notable dates to try to spread malware to new victims. This was apparent during the second quarter of 2013 when they used the terrorist attack on the Boston marathon, or the International Workers’ Day -May1- to spread viruses or compromise government agencies respectively.
Country-to-country cyber-espionage and cyber-espionage on individuals also hit the headlines this quarter. The allegations of widespread espionage on Internet communications were not void of controversy. On June 6, a Washington Post exclusive revealed that the U.S. National Security Agency, the NSA, had been spying on ‘everyone’ using a program called PRISM with the voluntary assistance of nine technology sector giants: Microsoft, Apple, Google, Yahoo, Facebook, YouTube, Skype, AOL, and PalTalk. These companies categorically denied the accusations. In fact, the Washington Post edited the story the following day, changing the title and deleting references to how the companies were voluntarily releasing all kinds of customer data to the NSA.
“China continues to occupy many of the headlines regarding cyber-espionage, although in this quarter, the USA has been in the eye of the storm after revelations about the PRISM program that the NSA used to obtain data from users of platforms such as Facebook, YouTube or Skype”, said Corrons.
Social Media Attacks
The second quarter of 2013 saw a series of cases that reaffirmed the importance of social networking security. Among them, a group called ‘Syrian Electronic Army’ managed to take over the Twitter accounts of several news media with disastrous consequences.
The Associated Press’ primary Twitter account was hacked and used to falsely report that there had been two explosions in the White House and that President Obama was injured. Immediately, numerous followers of the account helped the story to spread like wildfire, resulting in the Dow Jones index dropping 155 points.
The full report is available here.