Data-stealing malware growth spikes

The propagation of some forms of crimeware surged in the half-year period ending in June, 2011 with data-stealing malware reaching and maintaining a new plateau of contagion, according to the APWG.

In the first six months of 2011, data-stealing malware and generic Trojans increased from 36 percent of malware detected in January, 2011 to more than 45 percent in April, subsequently maintaining a proportion of well over 40 percent for the rest of the half. The former high for this metric was 44 percent, in a one-month spike, in August of 2010.

This metric is a key indicator of cybercrime trends, as data-stealing malware is typically designed to send information from infected machines, to control them, and/or to open backdoors on them.

Patrik Runald, Senior Manager, Security Research for Websense said, “The first half of 2011 saw an increase in not only the amount of malicious samples received but more importantly, malware files going after confidential information such as credit card data, social security numbers and credentials to financial websites.

“With cybercrime being an industry generating hundreds of millions of dollars for the bad guys it’s clear that this is a trend we will see for a long time,” Runald said.

Similarly, according to Luis Corrons, PandaLabs Technical Director, Trojans accounted for 72 percent of the new samples created in H1, 2011, a substantial increase from H2, 2010 when Trojans only accounted for 55 percent of the total sample set recorded.

While conventional, spam-based phishing attacks are not attaining the relentless month-over-month global growth of years’ past, there are indications that new and major phishing hot spots within emerging-market nations are appearing.

Ihab Shraim, CSO, Network and Systems Engineering said, “In the first half of 2011, MarkMonitor saw a significant rise of phishing attacks when compared with 2010. Furthermore, phishing attacks are increasingly targeting brands worldwide and, notably, in emerging markets such as Latin America, Middle East and Asia.”

Other highlights:

  • The half’s high for unique phishing reports submitted to APWG of 26,402 in March was down 35 percent from the all-time high of 40,621 in August, 2009
  • Unique phishing websites detected during the half reached a high in March with 38,173, down more than 32 percent from the record of 56,362 in August 2009
  • The number of phished brands reached a high in the half of 339 in January, down 5 percent from the all-time high of 356 reached in October, 2009
  • After cracking into the top 10 last November, Egypt has ranked in the top three hosting countries for four out of the first six months of 2011
  • The top 10 most prevalent families of fake anti-virus software are responsible for more than 69 percent of the infections caused by rogueware.

Don't miss