AVG today presents “AVG Community Powered Threat Report – Q2 2011”, providing insight, background and analysis on the trends and developments in the global threat landscape.
The report is based on the Community Protection Network traffic and data followed by research performed by AVG, over a three-month period. It provides an overview of web, mobile devices, Spam risks and threats.
Information about the latest threats is collected from customers who choose to participate in the AVG Community Protection Network and shared with the community to make sure everyone receives the best possible protection. With more than 110 million users using AVG’s various solutions, AVG provides strong community protection.
A brief overview of the main findings of the report can be found below while a full copy of the report can be downloaded here.
Q2 2011 Main Threats:
The report unearths how ‘trusted malware’ is continuing to grow at an alarming rate. In Q2, AVG’s Threat Labs have seen an increase in the number of stolen digital certificates used to sign malware, before being distributed by hackers. A significant increase of over 300% was identified starting 2011 comparing to the same period last year. The practice of trusting signed files is rapidly losing its strength.
As Macs continue to rise in popularity, they are increasingly becoming the latest victims of cyber crime, the report reveals. With the platform reaching crucial market share levels, it is starting to appear on the radar of cyber criminals. While it may be a new target platform, cyber criminals are using tried and tested social engineering techniques to attack Mac OS users.
Increasingly, cyber crooks are using mobile malware to monetize using premium SMS and fake apps. Monetizing techniques via mobile are much easier to operate than those in use on PC. By spamming users to download apps or simply posting them on download stores or markets, the software distribution is easy and scalable.
An eye on SpyEye
The report provides insight into the most prevalent malware targeting online banking in the past few years – SpyEye. The rise in SpyEye means that users of internet banking need to be extra vigilant, especially as victims of cyber attacks are increasingly considered to be accountable.
A recent court ruling in the US concluded that it was in fact the victim’s responsibility to protect their account credentials, rather than the banks – namely via the use of internet security and identity protection tools.
The AVG Threat Labs investigated 702 Command and Control servers in the first half of 2011, which collect the online banking credentials from hundreds of thousands of people and businesses globally. The US holds the lead of the Command and Control Servers with 30% of the market share, followed by Ukraine with 22%.
The United States still remains the dominant source of spam with English as the main language used in spam messages, followed by the UK with Brazil only just coming third. However, Brazil is rapidly closing that gap and is on course to overtake the UK, likely in the next quarter
World Wild Web
“In Q2 cybercriminals have clearly been shifting their focus to new markets, with a clear focus on increasing revenue from their operations,” said Yuval Ben-Itzhak, Chief Technology Officer, AVG Technologies.
“The World Wide Web might as well be re-branded as the World Wild Web. Our research has indicated that hundreds of live servers operating all around the world are active 24/7 to steal users’ credentials for online banking and other private assets. As the attack techniques of hackers continue to get more advanced, users need to take action. Security products, with multi-layers of protection, should be a must have, to protect against the potentially damaging threats that lurk on the web. The user’s computer platform is becoming irrelevant for these cyber criminals- Windows, Android, Mac, iOS are all targeted now.”
Other key findings include:
- 11.3% of malware are using external hardware devices (e.g. flash drives) as a distribution method (AutoRun)
- Blackhole remains the most prevalent exploit toolkit in the world, accounting for 75.83% of toolkits
- Com.noshufou.android.su is the most popular malicious Android application
- Exploit Toolkits are responsible for 37% of all threat activity
- 32.9% of Spam messages originated from the USA followed by the United Kingdom with 3.9%
The full report can be downloaded here
What do you think of AVG’s Q2 2011 Threat Report, have you experienced any of the issues described above? Get in touch with us here on the blogs or on our Facebook Community.
Leave a reply