PandaLabs, Panda Security's antimalware laboratory has released its new look PandaLabs Quarterly Report for Q2 2011, analyzing the IT security events and incidents from April through June 2011. As the report outlines, this quarter has been one of the worst on record, with hacking groups Anonymous and LulzSec causing widespread mayhem and organizations such as RSA Security, the U.S. Defense Department, the International Monetary Fund, the European Space Agency, Sony, Citigroup and SEGA all falling victims to attacks.
While Media Obsesses over Illegal Stunts, Malware Creation Shows No Signs of Slowing
In the last quarter, malware of all kinds has spread substantially, with PandaLabs observing 42 new malware strains created every minute. Once again, Trojans accounted for most of the new threats, comprising nearly 70 percent of all new malware created, followed by viruses (16 percent) and worms (11.6 percent).
As recorded by Panda Security’s online scanner, Panda ActiveScan, Trojans were responsible for 69 percent of infections, followed once again by viruses (10 percent) and worms (8.53 percent). Adware, which only represents 1.37 percent of all malware, accounted for more than 9 percent of all the infections, indicating the substantial effort malware writers are taking to promote this type of malicious code. Fake anti-virus programs, which are included in the adware category, have also continued to grow.
As for the specific threats responsible for most infections this quarter, we see that the Top 10 specimens have caused over 50 percent of all infections. However, this can be a bit misleading as many of the entries on the Top 10 list are generic malware (detected by Collective Intelligence) that include several families.
Asian Countries Lead Infection Rankings
In the ranking of the top 20 countries with the most infections, China, Thailand and Taiwan once again continue to occupy the top three spots. PandaLabs observed Sweden, Switzerland and Norway as being the least infected countries.
Top Security Incidents:
* LulzSec and Anonymous: A new hacker group LulzSec emerged this quarter, specializing in stealing and posting Personally Identifiable Information (PII) from companies with poor security as well as carrying out denial of service attacks (against the CIA website, for example). They also released a full list of PII data they had previously stolen such as email addresses and passwords, which has led to account hijacking and other forms of identity theft. At the end of June, LulzSec teamed up with Anonymous for “Operation: Anti-Security,” encouraging supporters to hack into, steal and publish classified government information from any source. On June 26, LulzSec released a statement on Twitter announcing the end of their activities. Nevertheless, they urged hackers to carry on with operation Anti-Security (#Antisec) and join the Anonymous IRC channel.
* Corporate Breaches: RSA, the security division of EMC Corporation, announced in mid-March it had suffered a breach on its network systems that exposed proprietary information about its two-factor hardware-based authentication system, SecurID. In May, Lockheed Martin, the largest provider of IT services to the U.S. government and military, suffered a network intrusion stemming from data stolen pertaining to RSA. It seems that the cyber-thieves managed to compromise the algorithm used by RSA to generate security keys. RSA will have to replace the SecurID tokens of more than 40 million customers around the world, including some of the world’s biggest companies.
* Sonygate: The most infamous attack that occurred this quarter was the one Sony suffered. Everything started with the theft of data from their PlayStation Network (PSN), affecting 77 million users worldwide. Not only was this the biggest data theft on record, but the situation was also poorly communicated to customers by the company, which hid the problem for days. When Sony finally made it public they simply said there was evidence that some user data could have been compromised, even though they knew the situation was far more serious.
As always, PandaLabs advises all users to ensure their computers are adequately protected. With this in mind, Panda offers a series of free tools including Panda Cloud Antivirus and Panda ActiveScan.
The quarterly report can be downloaded from: http://press.pandasecurity.com/press-room/reports/
Since 1990, PandaLabs, Panda Security’s malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda’s user community to automatically detect, analyse and classify the more than 73,000 new malware strains that appear every day. This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com.