Search engine malware doubled in 2010 ...
FYI...
Search engine malware doubled in 2010...
- http://www.darkreading.com/taxonomy/...e/id/229300350
Mar 04, 2011 - "Malware authors are increasingly using search engines and social networks to spread their wares and are relying less on email, according to a report published yesterday. In its new "2010 Annual Security Report," Barracuda Networks* says spam dropped by half during 2010, while search engine malware doubled. The Twitter Crime Rate - the percentage of accounts created per month that are eventually suspended by Twitter - increased 20 percent in 2010, Barracuda says, "signifying a concentrated focus on the more lucrative social networks and search engines as attack vectors". To help users fight infection on social networks, Barracuda Networks yesterday rolled out a free service, Profile Protector**, which helps detect malicious threats on Facebook and Twitter... attackers have increased the spread of search engine malware and expanded their reach beyond Google. In June 2010, Google was crowned king of malware, turning up more than twice the amount of malware as Bing, Twitter, and Yahoo! combined, the report says. But by December 2010, with Google producing 38 percent of overall malware, Yahoo! was at 30 percent, Bing at 24 percent, and Twitter at 8 percent. The amount of malware found daily across the search engines increased 55 percent between June and December, Barracuda says. One in five search topics leads to malware, while one in 1,000 search results leads to malware. Barracuda Labs also analyzed more than 26 million Twitter accounts in order to measure and analyze account behavior. The number of true Twitter users - those with more than 10 followers and friends - increased to 43 percent in the second half, up from only 29 percent in June 2010. For every 100 Twitter users, 39 have between one and nine followers, while 50 have more than 10 followers. Approximately 79 percent of Twitter users tweet less than once per day, the report says. After decreasing at the end of 2009, the Twitter Crime Rate increased 20 percent from the first half of 2010 to the second half of 2010, going from 1.6 percent to 2 percent, Barracuda Networks says."
* http://www.barracudalabs.com/research_resources.html
** http://profileprotector.com/
:fear::mad:
Q1-2011 Malware up 26% - 73,000 samples every day...
FYI...
New Malware increases by 26% - More than 73,000 samples every day
- http://press.pandasecurity.com/usa/n...-to-pandalabs/
Mar. 16, 2011 - "... In the first three months of 2011, PandaLabs identified an average of 73,000 new malware strains each day, most of which were Trojans. Moreover, there was a 26 percent increase of new threats compared to the same period last year...
- http://prensa.pandasecurity.com/wp-c.../03/Graph1.jpg
... Trojans remain the most popular type of threat to computer systems, and now account for 70 percent of all new malware....
- http://press.pandasecurity.com/wp-co...3/GRAPH2EN.jpg
... Banker Trojans have decreased, bots have remained steady, and fake anti-virus or rogueware has decreased in popularity. However, the number of “downloaders” has increased significantly. Downloaders are a subtype of Trojan that, once it has infected a user’s computer, connect through the Internet to download additional malware. Hackers often use this method because the downloader is lightweight – only containing a few lines of code – and can go completely unnoticed unlike other Trojans..."
- http://press.pandasecurity.com/usa/w...3/GRAPH3EN.jpg
:fear::mad::fear:
Q1-2012: Malware report - Increase across -all- Platforms
FYI...
Q1 2012: Malware report - Increase across -all- Platforms
- http://www.mcafee.com/us/about/news/...120523-01.aspx
May 23, 2012 - "... PC malware reached its highest levels in four years, as well as a steep increase in malware targeting the Android platform. Mac malware was also on the rise, indicating that total malware could reach the 100 million mark within the year...
- Mobile malware raced up a significant incline during Q1 2012, with 8,000 total mobile malware samples collected. This large increase was due in part to McAfee Labs’ advancements in the detection and accumulation of mobile malware samples. Financial profit is one of the main motivators for spreading malware on the Android platform, as identified by McAfee Labs malware researcher Carlos Castillo in a recent blog post. Nearly 7,000 Android threats have been collected and identified through the end of Q1, a more than 1200 percent increase compared with the 600 Android samples collected by the end of Q4 2011. The majority of these threats stem from third-party app markets, and are typically not found in the official Android market...
- Malware Increase in PCs and Macs
By the end of 2011, McAfee Labs collected more than 75 million malware samples. Q1 2012 had the largest number of PC malware detected per quarter in the last four years. This increase brought the grand total to 83 million pieces of malware samples by the end of Q1, up from 75 million samples at the end of Q4 2011. Major contributors to the total were strong increases in rootkits, a stealth form of malware, as were password stealers, which reached approximately 1 million new samples in Q1. In Q1, email continued to be a medium used for highly targeted attacks, and nearly all targeted attacks began with a spear phish..."
> http://www.mcafee.com/us/resources/r...at-q1-2012.pdf
___
- http://www.av-test.org/en/statistics/malware/
Last Update: 05-24-2012
___
Monthly Malware Statistics: April 2012
- https://www.securelist.com/en/analys...ics_April_2012
11 May 2012 - "The following statistics were compiled in April using data collected from computers running Kaspersky Lab products:
• 280 million malicious programs were detected and neutralized;
• 134 million (48% of all threats) web-borne infections were prevented;
• More than 24 million malicious URLs were detected..."
___
Most dangerous websites ...
- http://www.cbsnews.com/8301-505124_1...rous-websites/
May 24, 2012 - "... According to Symantec*, 20 percent of all blog and Web communication sites are infected with malicious code, 15 percent of hosting sites are infected, and 10 percent of business and economy sites..."
* http://www.symantec.com/threatreport/
:fear::fear: :mad:
Q2-2012 - The growth of malware / Top 50 Bad Hosts and Networks
FYI...
> http://www.av-test.org/en/statistics/malware/
Almost at 80 million...
Last update: 7.17.2012
> https://threatpost.com/en_us/blogs/s...-report-080712
August 7, 2012
PandaLabs' Q2-2012 Report
- http://press.pandasecurity.com/wp-co...-June-2012.pdf
Pg. 11 - "... The average number of -infected- PCs across the globe stood at 31.63 percent..."
___
Top 50 Bad Hosts and Networks - Q2 2012
- http://hostexploit.com/
"... HostExploit’s latest report features analysis of malicious activity hosted around the world, as well as features on cross-border cooperation pertaining to the recent Carberp virus. The overall #1 Bad Host title for this quarter is a hosting provider based in Russian - AS41947 Webalta – known to researchers for a long time. However, with an HE Index of 214.67, Webalta is not ranked as highly as previous #1 Hosts. HostExploit analyzed all 41,635 publicly-advertised Autonomous Systems (including web hosts, commercial networks and registrars) with the results represented in a number of ways..."
(More detail and links to full PDF reports available at the URL above.)
> http://sitevet.com/db/asn/AS41947
> http://google.com/safebrowsing/diagnostic?site=AS:41947
"... over the past 90 days, 1168 site(s).. served content that resulted in malicious software being downloaded and installed without user consent. The last time Google tested a site on this network was on 2012-08-09, and the last time suspicious content was found was on 2012-08-09... Over the past 90 days, we found 30 site(s) on this network... that appeared to function as intermediaries for the infection of 72 other site(s)... this network has hosted sites that have distributed malicious software in the past 90 days. We found 63 site(s)... that infected 478 other site(s)..."
Top 50 Bad Hosts - 2012 Q2
> http://sitevet.com/hosts/
:fear: :mad::mad:
Malware infection rates - Jan-June 2012 MSIR v13
FYI...
Malware infection rates - Jan-June 2012 MSIR v13
- https://www.computerworld.com/s/arti..._soars_in_2012
Oct 9, 2012 - "... Microsoft ranked the threats facing each version of Windows... some malware families are more successful against, or at least more often aimed at, specific Windows builds*, and thus affect the infection rates... The 146-page Security Intelligence Report Volume 13 can be downloaded from Microsoft's website**."
* https://www.computerworld.com/common...on%20Rates.jpg
** http://www.microsoft.com/security/sir/default.aspx
Vol 13: Jan-June 2012 - Microsoft Security Intelligence Report (SIR)
- http://www.h-online.com/security/new...ew=zoom;zoom=1
10 Oct 2012
___
> http://www.av-test.org/en/statistics/malware/
Over 90 million...
Last update: 11.08.2012
:fear: :sad:
Top 50 bad hosts - Q3 2012
FYI...
HostExploit - Q3 2012 World Hosts Report
Familiar Hosts & Open Resolvers
- http://hostexploit.com/blog/14-reports/3540.html
24 Oct 2012 - "... the Q3 2012 World Hosts Report, in collaboration with Group-IB and CSIS. The #1 Host this quarter for levels of malicious activity is new to the top 50 ranking table – AS40034* Confluence Networks, registered in the Virgin Islands but hosted in the United States.
* http://sitevet.com/db/asn/AS40034
New names in new places is sadly not a consistent theme for this quarter as, despite the new #1, the ‘Top 50 Hosts’ table for Q3 2012 has more than a fair share of familiar names holding the top positions. Unlike the new #1 (AS40034 Confluence Networks), AS16138 Interia.pl, the holder of the #2 spot**, is a regular at the top of the chart for consistently serving some of the worst types of malicious activity on the web. Offences include large amounts of ‘Current Events’, a mix of the most up-to-date and fast changing attack exploits and vectors.
** http://sitevet.com/db/asn/AS16138
... An important topic under discussion in the Q3 2012 report is on the subject of ‘open resolvers’, ‘DDoS the World - The Problem with DNS Open & Misconfigured Resolvers’. An area that has yet to fully capture the attention of the media, despite being known about for many years, is the -misconfiguration- of DNS resolvers or ‘open resolvers’. This can leave powerful resources vulnerable to being hijacked for the purpose of amplifying of DDoS attacks... in the country rankings, there have not been large movements. It is disappointing to see that both the United States and Russia have deteriorated since Q2 in their hosts’ overall standings... The full HE ‘World Hosts Report’ for Q3 2012 - available here (1) - provides more detailed information on all of the topics above, including data on individual categories such as Botnet C&C servers, phishing servers, exploit servers, Zeus botnet hosting, infected websites, spam, current events and badware..."
1. http://hostexploit.com/downloads/viewdownload/7/44.html
AS40034 (CONFLUENCE)
> https://www.google.com/safebrowsing/...?site=AS:40034
"... over the past 90 days, 296 site(s)... served content that resulted in malicious software being downloaded and installed without user consent... the last time suspicious content was found was on 2012-10-24... Over the past 90 days, we found 16 site(s) on this network... that appeared to function as intermediaries for the infection of 211 other site(s)... this network has hosted sites that have distributed malicious software in the past 90 days. We found 776 site(s)... that infected 4417 other site(s)..."
Top 50 bad hosts - Q3 2012
- http://sitevet.com/hosts/
- http://sitevet.com/db/asn/AS15169
GOOGLE - Blacklisted URLs: 9117
Rank: 33
- http://sitevet.com/db/asn/AS14618
AMAZON-AES - Blacklisted URLs: 723
Rank: 50
:mad: :fear: