
8/7/2012
10:45 AM
Dark Reading
Products and Releases

More Than Six Million New Malware Samples Were Created In Q2 2012, According To PandaLabs

Three out of every four malware infections are caused by Trojans; new variant of Police Virus emerges

ORLANDO, Fla., Aug. 7, 2012 /PRNewswire/ -- PandaLabs, Panda Security's anti-malware laboratory, today published its Quarterly Report for Q2, analyzing the IT security events and incidents from April through June 2012. In the second quarter of 2012 alone, more than six million new malware samples were created, a similar figure to the first quarter. The full report is available at http://press.pandasecurity.com/press-room/reports/.

The Quarter at-a-Glance

In the report, PandaLabs highlights several top security incidents that occurred during Q2, including the proliferation and evolution of the 'Police Virus' from scareware to ransomware, and Flame, a cyber-espionage virus that has become one of the highlights of the year.

The report also covers the latest cases of cyber-crime, such as a hacker attack on Wikipedia users, the exploitation of a major security hole in Iran's banking system, and the new ways found by law enforcement agencies to fight data theft. It includes information about the latest attacks on mobile phones and social networking sites, the cyber-espionage operations between nations such as the United States and Yemen, and the traditional cyber-conflict between North and South Korea.

In addition to security trends, PandaLabs provides analysis of all malware samples it received throughout the quarter and details its findings in the Q2 report.

Approximately One Third of Computers Worldwide are Infected

The average number of infected PCs across the globe stands at 31.63 percent, falling almost four percentage points compared to Q1, according to Panda Security's Collective Intelligence data. Countries in Asia take the top three spots of most infections per country, with South Korea leading (57.30 percent of infected PCs) for the first time ever, up by almost three percentage points compared to Q1. China takes the second spot (51.94 percent), followed by Taiwan and Bolivia. To see a graph of countries with the most malware infections, please visit: http://press.pandasecurity.com/wp-content/uploads/2012/08/COUNTRIES.jpg.

Nine of the ten least infected countries are in Europe, with the only exception being Uruguay. The country with the fewest infections is Switzerland (18.40 percent of infected PCs), followed by Sweden (19.07 percent), comprising the only nations with fewer than 20 percent of computers infected. Norway, the United Kingdom, Uruguay, Germany, Ireland, Finland, Hungary and Holland are the other eight countries with the fewest malware infections.

"The list of least infected countries is dominated by some of the world's most technologically advanced nations, with the sole exception of South Korea," said Luis Corrons, technical director of PandaLabs. "Even though there may be other factors that influence these results, there seems to be a clear connection between technological development and malware infection rates."

Malware Statistics

Trojans continued to account for most of the new threats created this quarter (78.92 percent); worms took second place, comprising 10.78 percent of samples; followed by viruses at 7.44 percent. The last place was occupied by adware/spyware at 2.69 percent.

Interestingly, viruses continued their decline, moving from second place in the 2011 Annual Report (14.24 percent) to third place (7.44 percent) this quarter. Worms maintained their second position, rising from 9.30 percent last quarter to almost 11 percent this quarter. To see a graph of new malware distribution in Q2 2012, please visit: http://press.pandasecurity.com/wp-content/uploads/2012/08/NEW-MALWARE.jpg.

When it comes to the number of infections caused by each malware category, Trojans once again topped the ranking, accounting for more infections than in the first quarter (76.18 percent compared to 66.30 percent). Viruses came second (7.82 percent), followed by worms (6.69 percent). "It is interesting to note that worms have only caused six percent of infections despite accounting for almost 11 percent of all new malware," said Corrons. "The figures corroborate what is well known - massive worm epidemics have become a thing of the past and have been replaced by an increasing avalanche of banking Trojans and specimens such as the Police Virus."

A graph depicting these figures is available at: http://press.pandasecurity.com/wp-content/uploads/2012/08/INFECTIONSMALWARE.jpg

PandaLabs advises all users to keep their computers adequately protected with a solution like Panda Security's free Panda Cloud Antivirus, which recently launched its 2.0 version with more features and benefits to users.

The quarterly report can be downloaded from: http://press.pandasecurity.com/press-room/reports/.

About PandaLabs

Since 1990, PandaLabs, Panda Security's malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda's user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day. This automated malware classification is complemented by the work of an international team of researchers, each specializing in a specific type of malware (viruses, worms, Trojans, spyware and other attacks), to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com/. Follow Panda on Twitter at http://twitter.com/Panda_Security and on Facebook at http://www.facebook.com/PandaSecurity.
