U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Malware

Kindsight Security report on the growth of malware diffusion

Today I had the opportunity to analyze the a majority-owned subsidiary of Alcatel-Lucent, that shows a worrying scenario, around 14 percent of home networks were infected with malware in the period between  April and June 2012. Researchers declared: “We saw an increase in the number of home networks infected as compared to first quarter 2012,” One […]

Kindsight Security report on the growth of malware diffusion

Today I had the opportunity to analyze the a majority-owned subsidiary of Alcatel-Lucent, that shows a worrying scenario, around 14 percent of home networks were infected with malware in the period between  April and June 2012.

Researchers declared:

“We saw an increase in the number of home networks infected as compared to first quarter 2012,”

One of the main vector to spread the malicious agents is still the email, unsuspecting users are daily hijacked on infected website that compromise their machines with various type of malware.

According the proposed statistics 9 percent of residential households were infected by high-threat malware, such as a botnet, rootkit, or a banking Trojan, meanwhile approximately 6 percent were infected with moderate-threat malware such as spyware, browser hijackers, and adware.

Of course in many cases user’s machine is compromised by several malware.

The report dedicates a specific session to the botnetsand in particular to ZeroAccess botnet whch grew to over 1.2 million nodes over the second quarter.

Director of Kindsight Security Labs, Kevin McNamee said on the botnet:

“In recent months, we’ve seen the ZeroAccess botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally,”

“The concern with ZeroAccess is that it is using the subscriber’s bandwidth maliciously which will cost them money as they exceed bandwidth caps. And, once the computer is compromised, it can also spread additional malware or launch new attacks,”

The particularity of the ZeroAccess botnet is the peer-to-peer protocol of communication used, in my previous article I described the efficiency of this type of botnet really difficult to decapitate.

Compromised machines receive orders from a command-and-control server directing them to click on ads on specific websites, meanwhile the website master collects per-click fees from the advertiser after generating fraudulent clicks using the botnet.

The following chart report that the infected peers are widely distributed throughout the Internet with almost 18% in India and 10% in the United States.

The report shows also the impact of malware on the MAC world, Flashback Trojan infected 10 percent of homes that owned at least one Mac in April 2012.

Great concerns are also related mobile environment, the report estimates that one out of every 140 devices on mobile networks was infected, 0.7% of all devices on mobile scenario, in the recent months in particular it has been observed an impressive growth of number of malware developed for Android OS (increased by 300 percent over the past three months).  Nobody is immune, also Apple mobile has been hit during the second quarter by the first trojan deployed on iOS named “Find and Call”.

What to expect from the future?

The trend is to a constant growth of number of malware in particular for the mobile sector, the data confirms that in Q3, especially for Android, is expected a sensible increase of the cyber threats.

The main reason behind the phenomenon are the lack of awareness on the cyber threat and the large diffusion of mobile devices, many statistics have in fact highlighted that mobile users don’t use any kind of protection for their devices with dramatic consequences.

Pierluigi Paganini