MENU

Kaspersky Lab is detecting 315,000 new malicious files daily

December 11, 2013 • Security

The overall global Internet threat level grew by 6.9 percentage points in 2013 – 41.6% of user computers were attacked at least once. In order to conduct all these attacks over the Internet in 2013, cybercriminals used 10,604,273 unique hosts, which is 60.5% more than in 2012. The USA and Russia are the leading hosts of malicious web resources – 45% of web attacks neutralised by Kaspersky Lab products were launched from these countries.

Kaspersky Lab is detecting 315,000 new malicious files every day (image: Charlie Fripp)

Kaspersky Lab is detecting 315,000 new malicious files every day (image: Charlie Fripp)

2013 also saw a further increase in the security issues around mobile devices, with a new level of maturity in terms of the sophistication and a number of these threats. Most malicious mobile apps principally aimed to steal money, and subsequently personal data. Android is still the main target, attracting a whopping 98.05% of known malware.

Day by day:

  • ·         Kaspersky Lab is detecting 315,000 new malicious files every dayLast year’s number was 200,000
  • ·         Kaspersky Lab’s products repelled an average of 4,659,920 attacks on users every day when they were online.

Twice as dangerous:

  • ·         The number of browser-based attacks over the last two years has almost doubled to 1,700,870,654
  • ·         Kaspersky Lab detected 104,427 new modifications of malicious programmes for mobile devices, which is 125% more than in 2012
  • ·         In October 2013 alone, we saw 19,966 mobile malware new modifications. That’s 50% of the total that Kaspersky Lab found in the whole of 2012, uncovered in a single month.

Who’s at the highest risk?

Based on 2013’s figures, 15 countries can be assigned to a high risk group based on their risk level while surfing the Internet. Russia, Austria, Germany, several former Soviet republics and several Asian countries had 41-60% of Kaspersky Lab users reporting attempted web attacks on their computers.

Most popular vulnerable applications exploited by cybercriminals:

90.52% of all detected attempts to exploit vulnerabilities targeted Oracle Java. These vulnerabilities are exploited in drive-by attacks conducted via the Internet, and new Java exploits are now present in lots of exploit packs.

Top malicious programmes on the Internet:

Seven of the Top 20 malicious programmes on the Internet were threats that are blocked during attempted drive-by attacks. This is currently the most common attack method for web-based malware. The verdicts in Kaspersky Lab’s ranking are assigned to scripts that redirect to exploits as well as to the exploits themselves.

In South Africa, Kaspersky Lab identified the following top 20 most active malicious programmes involved in web attacks on users’ computers:

#

Malware Name

% Attacks*

1

Malicious URL

84,14%

2

AdWare.Win32.MegaSearch.am

5,58%

3

Trojan.Script.Generic

3,81%

4

AdWare.Win32.Bromngr.b

1,71%

5

Trojan-Downloader.Script.Generic

1,42%

6

Trojan.Win32.Generic

0,67%

7

Trojan.Script.Iframer

0,58%

8

AdWare.Win32.MegaSearch.ap

0,31%

9

AdWare.Win32.MegaSearch.at

0,29%

10

Exploit.Script.Blocker

0,24%

11

Email-Worm.Win32.Mydoom.l

0,21%

12

Trojan.JS.Redirector.xa

0,15%

13

Trojan-Downloader.Win32.Generic

0,14%

14

AdWare.Win32.Agent.aeph

0,11%

15

AdWare.Win32.DelBar.a

0,07%

16

Trojan-Downloader.Win32.MultiDL.k

0,09%

17

AdWare.Win32.Shopper.aaz

0,07%

18

Trojan.JS.Iframe.aeq

0,06%

19

Exploit.Script.Blocker.u

0,06%

20

AdWare.Win32.Lyckriks.cw

0,06%

This list accounts for 99.9% of all web attacks locally. Compared to 2012, there was an increase in the proportion of blacklisted malicious links blocked (Malicious URL in 1st place). Nearly half of the listed malicious programmes in this South Africa Top 20 rating, were verdicts identifying threats that are blocked during attempted drive-by attacks. They are the heuristic verdicts Trojan.Script.Generic, Trojan.Script.Iframer, Exploit.Script.Blocker, Trojan-Downloader.Script.Generic and the non-heuristic.

8 out of 20 entries are annoying advertising of software, offering installation of multiple browser extensions (toolbars, search engines, etc). Kaspersky Lab has seen growth of such malicious programmes comparing with 2012 by more than half (from 3.3% up to 8%). They are spreading mostly in addition to popular legal software on the so-called “soft portals”.

Mobile threats:

“There is unlikely to be any slow-down in development of malicious apps, especially for Android. To date, the majority of malware has been designed to get access to the device. In the future, there is also a high probability that the first mass worm for Android will appear. Android ticks all the boxes for cybercriminals – it’s a widely-used OS that is easy to use for both app developers and malware authors alike”, Riaan Badenhorst, Managing Director of Kaspersky Lab, Africa commented.

Villain of the year:

Obad, probably the most remarkable discovery in the mobile field in 2013, is being distributed by multiple methods, including pre-established mobile botnets. This malware is probably the most versatile piece of mobile malware found to date, including a staggering total of three exploits, a backdoor, SMS Trojan and bot capabilities and further functionalities. It’s a kind of Swiss Army knife, comprising a whole range of different tools.

Local threats:

Kaspersky Lab products detected almost 3 billion malware attacks on user computers. A total of 1.8 million malicious and potentially unwanted programmes were detected in these attacks. This data shows how frequently users are attacked by malware spread via removable USB drives, CDs and DVDs, and other “offline” methods.

Staff writer

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

« »