Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

9/2/2014
12:00 AM
Dark Reading
Dark Reading
Products and Releases
100%
0%

PandaLabs Q2 2014 Report: PUPs on the rise

Malware still generated at a rate of 160,000 new samples a day in Q2 2014, reports PandaLabs.

Bracknell, September 1, 2014

Panda Security, The Cloud Security Company, has announced the latest findings of the PandaLabs quarterly report for Q2 2014. The main conclusions of the study include the fact that malware is still being created at the record levels reached in the previous quarter: 15 million new samples were generated, at an average rate of 160,000 every day.

While Trojans are still the most common type of malware, accounting for 58.20% of new malware, this figure is significantly lower than the previous quarter (71.85%). This is not so much due to a drop in number of new Trojans, but more to a substantial increase in PUPs (Potentially Unwanted Programs) during this period.

Attacks on mobile devices have continued to gather momentum over this quarter, though this time they have also targeted the Apple iOS in addition to Android. In the case of the latter, the most notable cases have involved fake antivirus apps and ransomware.

There have also been many notable cases of hacking targeting major companies across different sectors, such as eBay, Spotify or Domino's Pizza, as well as more attacks by the Syrian Electronic Army (SEA). A security flaw -dubbed Heartbleed- in the OpenSSL library used for encrypting communications made the headlines around the world in April. At the same time, Microsoft ceased to offer support for Windows XP, with serious security implications for users of this OS.

PUPs on the rise

While Trojans are still the most prevalent type of malware (58.20% of new threats), they are losing ground thanks to the rise of PUPs (Potentially Unwanted Programs). In fact, in recent months there has been a notable increase in software bundlers, which install PUPs -without the user’s consent- along with the programs that the user really wants to install.

Trojans are followed a long way behind in the ranking by worms (19.68%), adware/spyware (0.39%) and viruses (0.38%).

Trojans the cause of most infections

Trojans, once again, have accounted for more infections (62.8%) than any other type of malware, although this figure is lower than the previous quarter (79.90%). PUPs are in second place with 24.77% of infections, underlining how these techniques are now being used massively. A long way behind came adware/spyware (7.09%), viruses (2.68%) and worms (2.66%).

Infections by country

The global infection rate during the second quarter of 2014 was 36.87%, a significant rise on recent periods, thanks largely to the proliferation of PUPs. Country by country, China once again had the most infections, with a rate of 51.05%, followed by Peru (44.34%) and Turkey (44.12%).

It’s clear from this ranking that the regions with the highest levels of infections are Asia and Latin America. Spain also has an infection rate above the global average with 37.67%.

On the other hand, Europe is the area with the lowest infection rate, with nine countries ranked among the least infected countries. Sweden (22.13%), Norway (22.26%) and Germany (22.88%) had the lowest rates while Japan, with an infection rate of 24.21%, was the only non-European country in the top ten of this ranking.

The full report is available at http://mediacenter.pandasecurity.com/mediacenter/wp-content/uploads/2014/07/Quarterly-Report-Q2-2014.pdf

About Panda Security
Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions, with products available in more than 23 languages and millions of users located in 195 countries around the world. Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology. This innovative security model can automatically analyze and classify thousands of new malware samples every day, guaranteeing corporate customers and home users the most effective protection against Internet threats with minimum impact on system performance. Panda Security has 80 offices throughout the globe with US headquarters in Florida and European headquarters in Spain
Panda Security collaborates with The Stella Project, a program aimed at promoting the incorporation into the community and workplace of people with Down syndrome and other intellectual disabilities, as part of its Corporate Social Responsibility policy.
For more information, please visit http://www.pandasecurity.com/

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-3142
PUBLISHED: 2021-01-28
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 instead of this candidate. All references and descriptions in this candidate have been removed to preve...
CVE-2020-35124
PUBLISHED: 2021-01-28
A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads.
CVE-2020-25782
PUBLISHED: 2021-01-28
An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientManage::ServerIP_Proto_Set during incoming message handling.
CVE-2020-25783
PUBLISHED: 2021-01-28
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated heap-based buffer overflow in the function CNetClientTalk::OprMsg during incoming message handling.
CVE-2020-25784
PUBLISHED: 2021-01-28
An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function CNetClientGuard::SubOprMsg during incoming message handling.