
11/27/2013
12:43 PM
Dark Reading
Products and Releases

CryptoLocker & DNS Poisoning -- PandaLabs Q3 Report

Malware creation hits record high, reaching 10 million new malware strains identified so far in 2013

Bracknell, Nov 27, 2013.

PandaLabs, Panda Security's anti-malware laboratory, has just published its Quarterly Report for Q3 2013. One of the main conclusions that can be drawn from this global study is that malware creation has hit a new record high, with nearly 10 million new strains identified so far this year. In fact, the number of new malware samples in circulation in just the first nine months of 2013 has already met the 2012 figure for the entire year. Trojans remained the most pervasive threat, accounting for most new threats and infections worldwide.

One of the most notable, and notorious, threats over the past months was CryptoLocker, a new ransomware sample that hijacks users' documents and demands a ransom for them.

There was also a significant increase in the number of attacks that exploit DNS cache poisoning techniques. Several large websites hosted in Malaysia fell victim to this type of attack, including the local websites of companies such as Google, Microsoft or Kaspersky.

Android continued to be the top target among all mobile platforms, despite some high-profile attacks on iOS, Apple's operating system.

Cyber-War: NSA remains in the eye of the storm

As far as cyber-espionage is concerned, the United States took the spotlight off China after new revelations emerged about the clandestine PRISM program operated by the NSA (National Security Agency) to obtain user data from major U.S. companies such as Microsoft, Google, Apple, Facebook, etc.

"Everything seems to indicate that there will be more revelations about other NSA surveillance programs to indiscriminately spy on users, companies and governments around the world", said Luis Corrons, technical director of PandaLabs.

Q3 2013 malware statistics

Trojans once again topped the rankings, accounting for 76.85 percent of all new threats identified by PandaLabs, followed by worms (at a distant 13.12 percent), viruses (9.23 percent) and adware/spyware (0.57 percent).

Additionally, Trojans continued to be the weapon of choice for malware writers to infect users' systems. 78% of all computer infections registered in the third quarter of 2013 were caused by Trojans, followed by viruses (6.63 percent), adware/spyware (6.05 percent) and worms (5.67 percent).

Geographic distribution of malware infections

Latin America remained the area most affected by malware. In any event, the 'Top 10' list of most infected countries includes nations from all over the world, with China at the top with nearly 60% of all computers riddled with malware, followed by Turkey (46.58 percent) and Peru (42.55 percent).

At the other end of the chart, Europe continues to have the lowest infection rates. The least infected countries were the Netherlands (19.19 percent), the United Kingdom (20.35 percent) and Germany (20.60 percent). The only non-European country in the Top Ten was Australia, in ninth place with 26.67 percent.

The quarterly report is available on our press site http://press.pandasecurity.com/press-room/reports/.

About PandaLabs

Since 1990, PandaLabs, Panda Security's malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda's user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day. This automated malware classification is complemented by the work of an international team of researchers, each specialized in a specific type of malware (viruses, worms, Trojans, spyware and other attacks), to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com. Follow Panda on Twitter at http://twitter.com/PandaComunica and Facebook at http://www.facebook/PandaSecurity.

Comments
billyglynn,
User Rank: Apprentice
11/28/2013 | 12:46:06 PM
re: CryptoLocker & DNS Poisoning -- PandaLabs Q3 Report
"There was also a significant increase in the number of attacks that
exploit DNS cache poisoning techniques. Several large websites hosted in
Malaysia fell victim to this type of attack, including the local
websites of companies such as Google, Microsoft or Kaspersky."

DNS hijacking via unauthorised changes at the Registrar/Registry? I'm not sure it was DNS cache poisoning.