SecurityWeek

Report: 14 Percent of Home Networks Infected With Malware In Q2 2012

Approximately 14 percent of home networks were infected with malware from April through June 2012, according to a recent report from Kindsight Security Labs, a majority-owned subsidiary of Alcatel-Lucent.

Email messages luring users to websites running exploit kits remained the main method of infection during the second quarter of 2012, researchers wrote in the Kindsight Security Labs Malware Report for Q2 2012, released Thursday. The quarterly report identifies statistics and trends for malware infections in home networks, mobile devices, and computers connected through mobile adapters.

Nearly 9 percent of residential households were infected by high-threat malware, such as a botnet, rootkit, or a banking Trojan. About 6 percent were infected with moderate-threat malware such as spyware, browser hijackers, and adware. Some households had multiple infections, Kindsight found.

“We saw an increase in the number of home networks infected as compared to first quarter 2012,” researchers wrote.

While it is not as well known publicly as the Flame espionage malware, researchers were more concerned about the ZeroAccess botnet, which grew to over 1.2 million nodes over the second quarter.

“In recent months, we’ve seen the ZeroAccess botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally,” Kevin McNamee, security architect and director of Kindsight Security Labs, said in a statement.

ZeroAccess is a peer-to-peer botnet that focuses on ad click fraud and malicious bandwidth usage. Infected machines receive instructions from a command-and-control server directing them to click on ads on specific websites. The website owner collects per-click fees from the advertiser after generating fraudulent clicks using the botnet.

“The concern with ZeroAccess is that it is using the subscriber’s bandwidth maliciously which will cost them money as they exceed bandwidth caps. And, once the computer is compromised, it can also spread additional malware or launch new attacks,” McNamee said.

ZeroAccess consumed bandwidth equivalent to downloading 45 full-length movies per month per subscriber during the second quarter.

Flashback, the Trojan that exploited a Java vulnerability to infect thousands of Mac OS X systems worldwide last spring, infected 10 percent of homes that owned at least one Mac during the month of April, according to the report.

Speaking of malware that grabbed security headlines over the course of the quarter, Kindsight determined that 10 percent of computers infected with the DNSChanger Trojan still had not been cleaned by the end of June.

On the mobile side, approximately one out of every 140 devices on mobile networks was infected, Kindsight found. These devices were mainly compromised laptops and Android phones connecting to mobile networks. Apple also had its share of mobile woes during the second quarter, thanks to the questionable “Find and Call” app, which harvested user contact lists and spammed the contacts.

According to Kindsight, Android malware samples also increased by 300 percent over the past three months.

“While the increases in malware in this report are a concern, it is the types of malware that is driving this growth that is the thing to watch as we move into Q3,” researchers wrote.

The full report from Kindsight Security Labs can be found here in PDF format.
