Online security company Kaspersky Lab’s experts report considerable growth in the number of malicious attacks on user computers and mobile devices, further development of financial malware and a change in the vectors of web attacks.
Based on the software security products company’s statistics, 2014 saw 325 000 new malicious files processed every day. That is up 10 000 a day compared with 2013, and 125,000 a day more than in 2012.
The company’s team blocked 6.2 billon malicious attacks on user computers and mobile devices, one billion more than in 2013.
Malicious web resources located in the US (27.5% of all attacks), Germany (16.6%) and The Netherlands (13.4%) were the three top sources of 44% of web attacks.
The team’s web antivirus detected over 123 000 000 unique malicious objects: 74% of them were found at malicious URLs.
Mobile threats
There were 295 500 new mobile malicious programmes and 12 100 mobile banking Trojans, 9 times as many as last year. Of these, 53% of attacks involved mobile Trojans targeting users’ money via SMS or banking Trojans. Mobile malware attacks were registered in more than 200 countries worldwide with 19% of Android users (one in five) having encountered a mobile threat at least once over the year.
Financial threats
The fraudsters who specialise in mobile financial malware are probably inspired by their experienced “colleagues” who have been stealing money via personal computers for years. Zeus remains the most widespread banking Trojan with ChePro and Lohmys coming second and third. Three quarters of attacks targeting users’ money were carried out using banking malware but these are not the only financial threats. Bitcoin wallet theft was the second most popular banking threat (14%). Bitcoin mining software (10%) is another threat related to the crypto currency. It uses computing resources to generate bitcoins.
Maria Garnaeva, Security Expert at Kaspersky Lab’s Global Research and Analysis Team, said: “One of the most effective ways to deliver malware to user computers is to exploit vulnerabilities in Oracle Java and in browsers such as Explorer, Mozilla Firefox, etc. In addition, cybercriminals continue to use exploits for Adobe Reader vulnerabilities. These infection techniques remain popular simply because social engineering techniques are still effective. Each year we see how cybercriminals are creating more inventive ways of luring in their victims. That is why recipients are still willing to read a seemingly harmless e-mail from an unexpected source and then open attachments or follow links that expose them to malicious programmes.”