Vulnerabilities / Threats
1/5/2011
12:01 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Attackers Broke Malware Records In 2010

Over the past year, online criminals created one-third of all viruses and 34% of all malware ever seen.

Top 10 Security Stories Of 2010
(click image for larger view)
Slideshow: Top 10 Security Stories Of 2010
Last year saw a record-setting number of new threats appear online. In particular, criminals managed to create one-third of all viruses ever seen, 34% of all malware in existence, and 40% of all known fake AV.

Those findings come from a study released Wednesday by PandaLabs, the malware research arm of antivirus vendor Panda Security. The firm said it had analyzed 99.4% of the 134 million unique files its systems automatically collected in 2010. Of those files, 60 million were malware -- viruses, worms, Trojans, and other threats.

The report also found that the volume of new malware created -- about 20 million new strains -- remained roughly constant from 2009 to 2010, while the number of new threats overall increased. Between the beginning and end of 2010, according to PandaLabs, "the average number of new threats created every day has risen from 55,000 to 63,000."

While names such as Zeus and Bredolab continue to make headlines -- since they're behind many attacks -- most unique instances of malware appear to be nearly disposable. Indeed, whereas many attacks used to circulate for months before disappearing, Panda found that 52% of new malware in 2010 existed for only 24 hours. According to PandaLabs, "as antiviruses become able to detect new malware, hackers modify them or create new ones so as to evade detection."

Unsurprisingly, given the financial incentive behind many attacks, the most prevalent type of malware in 2010 was the banking Trojan, which comprised 56% of all new malware, followed by those perennial favorites viruses (22%), worms (10%), and adware (10%). Interestingly, spyware declined from comprising 6% of all malware in 2009 to just 0.34% in 2010. Meanwhile, roughly 1% of threats in 2010 collectively comprised dialers, hacking tools, PUPs (potentially unwanted program), security risks, jokes, or tracking cookies.

Interestingly, Panda found that 53% of all computer users experienced a malware infection in 2010, even when using up-to-date antivirus scanners and signatures.

SEE ALSO:

Massive 'Fake AV' Attack Launched

Spam Attack Captures Government Data

Hackers, Insiders Behind Most Identity Theft

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web