Malware Rising: Trojans Dominate Rankings, Study Finds4:00 PM EST Wed. Feb. 06, 2013
There were 27 million new strains of malware created in 2012, according to an analysis of 2012 threats and vulnerabilities conducted by Madrid, Spain-based Panda Labs. The company's latest threat report said it is detecting about 74,000 strains of malware daily, most of which are generated by financially motivated cybercriminals. Panda said it currently maintains a total of 125 million classified malware samples. The goal of most cybercriminal attack campaigns is to steal account credentials, harvesting them to gain access to sensitive data, conduct identity fraud or raid bank accounts.
Trojans accounted for most of the new threats, Panda said. Three out of every four new malware strains created were Trojans, accounting for more than 76 percent of all malware in circulation. Trojans are designed to avoid detection by antivirus and mainly to steal data. Most Trojans are financially driven, such as Zeus and SpyEye Trojans, which are designed to drain bank accounts. A much smaller percentage is designed for targeted attacks used in cyberespionage activities, aimed at infecting a system and remaining stealthy for extended periods of time. These Trojans are at the core of Intellectual Property theft.
Panda said it also saw Trojans exclusively designed to steal data from Android mobile devices in 2012. Cybercriminals are tricking users into installing Trojans by disguising them as legitimate mobile apps. The malicious Android apps are mainly on third-party Android stores based in China. A Trojan disguised as an app to purchase mobile apps from a device infected 600 million people, mainly China Mobile subscribers. It was delivered on nine unofficial app stores, Panda said.
The PC remains the biggest target for cybercriminals, but the Flashback Trojan infected up to 600,000 Mac computers in 2012. It was a small percentage of Apple's install base, but infections illustrated that Macs are not immune to threats, Panda said. The Trojan targeted a browser-based Java vulnerability, taking advantage of Apple's slow patching cycle. The infections prompted Oracle to begin phasing out support of Java on its systems. Java 7 is not supported on Snow Leopard.
The proportion of infected computers worldwide decreased significantly from 38.49 percent in 2011 to 31.98 percent in 2012, according to Panda. The decrease could be due, in part, to the significant rise in use of smartphones and tablets. Driving much of the malware are nearly 30 automated attack toolkits available to cybercriminals on popular hacking forums. Panda and other security firms say BlackHole has become the most popular exploit toolkit. It is frequently rented out to cybercriminals and receives regular updates with new exploits.
Not surprisingly, computer systems in China had the most malware infections, with more than 50 percent of the world's infected PCs, followed by South Korea and Taiwan. Nine of the 10 least infected countries are in Europe, with the only exception being Canada. The country with the fewest infections is Sweden, followed by Switzerland and Norway.