Woburn, MA – November 18, 2014 - Kaspersky Lab today released its third quarterly IT Threat Report for 2014, finding that over a billion malicious attacks were detected and blocked during the quarter, and one third of Web attacks were carried out using malicious Web resources hosted in theUnited States.Kaspersky Lab also found that attacks by mobile malware were detected in 205 countries, showing non-targeted mass attacks are becoming truly global.
Q3 in figures
- Over a billion malicious attacks were blocked on the computers and mobile devices of Kaspersky Lab users – 33.1 percent more than in the previous quarter.
- Two cyber-espionage campaigns – Crouching Yeti and Epic Turla – affected more than 2,800 high-profile victims in at least 10 industries, such as government institutions, embassies, military, research organizations and IT companies.
- About 110 million unique URLs that triggered web antivirus detections were recorded – 31 percent more than in Q2.
- 74,500 new mobile malware samples were added to Kaspersky Lab’s collection. This is 14.4 percent more than in Q2.
- Over 7,000 mobile banking Trojans were detected – 3.4 times more than in the previous quarter.
- Banking Trojan attacks were detected in 70 countries, compared with 31 countries in Q2.
Highlights from the Quarter
Kaspersky Lab contributed to an alliance of law enforcement and industry organizations, coordinated by Britain’s National Crime Agency (NCA), to disrupt the infrastructure behind the Shylock Trojan. Like other well-known banking Trojans – Zeus, SpyEye and Carberp – Shylock is a man-in-the-browser attack designed to steal banking login credentials from the computers of bank customers. In effect, it diverts money from users’ bank accounts into the pockets of cybercriminals.
Also during the quarter, Kaspersky Lab security researcher David Jacoby investigated his own home to determine whether it was really cyber-secure. He looked at several devices, including network-attached storage (NAS) devices and his smart TV, router and satellite receiver, to see if they were vulnerable to cyber-attack. The results were striking: he found 14 vulnerabilities in the network-attached storage devices, one in the smart TV and several potentially hidden remote control functions in the router.
The quarter threat report also showed changes in the top five main sources of Web attacks. In Q2, the top five positions in the ranking were occupied by Germany, the US, the Netherlands, Russia and Canada, respectively. In Q3 the US made a big leap (+11.2 pp), landing in the top position with 33%. Germany dropped to third place (13.5%) and the Netherlands moved into second place (18%). Ukraine reached fifth place (4%), pushing Canada out of the Top 5. Russia remained in fourth position with 9%.
The full version of the Q3 Threat Report on cyber threats is available on Securelist.com.
“In Q3, Web antivirus modules were triggered at least once on almost one third of computers while owners were surfing the Web. This figure has been falling for a year: in Q3 2013 it was 34.1 percent, in Q1 2014 it fell to 33.2 percent and starting from Q2 it ‘froze’ at 29.5 percent. This is due to a number of factors. First, browsers and search engines started helping to combat malicious sites. Second, there were fewer attacks involving exploit packs following the arrests of several developers. However, it would be naïve to expect the use of exploits to go down sharply: exploits remain the malware delivery method of choice in the case of targeted attacks,” saidMaria Garnaeva, Security Researcher at Global Research and Analysis Team, Kaspersky Lab.