New Malware Variants Near Record-Highs: Symantec

The number of new malware variants that emerged in February 2017 was three times higher compared to January, nearly reaching the record-high levels registered in October 2016, Symantec reports.

Last month the security company registered 94.1 million malware variants, which marks a worrying increase when compared to the 32.9 million seen in January and only 19.5 million in December. Furthermore, Symantec’s Latest Intelligence for February 2017 reveals that the Kovter malware family is the driving force behind this uptick.

The rate of email malware increased as well, reaching one in 635 emails in February, up from one in 722 the previous month. Despite that, the overall email malware rates remain low compared to previous months, most probably as the result of “a lull in activity from the Necurs botnet which has been quiet since late last year,” Symantec says.

The global spam rate registered a very small drop of only 0.1 percentage points in February, reaching 53.7% from the 53.8% registered in January. The Construction sector was hit the most, with a 59.28% spam rate, followed very closely by the Mining sector at 59.27%.

The number of web attacks blocked in February was 394,000 per day, down slightly from 419,000 in January, Symantec says. RIG remains the most active exploit kit, with a 25% share (down from 28.9% in January), followed by SunDown at 14.5% (up from 8.1% in January), Magnitude at 4.6% (down from 6.1%), Angler at 0.6% (down from 0.9%), and Neutrino at 0.5% (down from 0.8%).

One of the most notable threats discussed in February was the destructive disk-wiping malware Shamoon, which is believed to have been used by actors conducting a much wider campaign in the Middle East. According to Symantec, Shamoon was used only against specific targets, although the group has been targeting a wider range of organizations.

The number of Android malware variants per family reached 60 last month, although no new malware family was discovered. New variants of the Android.Lockdroid.E family were found last month, one of them designed to use speech recognition APIs and to require victims to speak the provided unlock code instead of typing it.

Phishing attacks decreased last month as well, reaching one in 8,246 emails, down from one in 3,271 in January. The phishing rate declined across all industries, the researchers say.

“While phishing rates declined last month, we also saw a new tactic being used by smartphone thieves who are now attempting to phish their victim’s login credentials in order to unlock stolen phones. Stolen high-end smartphones can earn criminals a lot of money, but only if they can gain access to them. This latest trick shows the lengths thieves are willing to go to get into a device,” Symantec reports.

Related: Kelihos Becomes King of the Malware Mountain

Related: The State of Malware: 1 Billion Samples Under the Microscope

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
