Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Report: 14 Percent of Home Networks Infected With Malware In Q2 2012

Approximately 14 percent of home networks were infected with malware from April through June 2012, according to a recent report from Kindsight Security Labs, a majority-owned subsidiary of Alcatel-Lucent.

Approximately 14 percent of home networks were infected with malware from April through June 2012, according to a recent report from Kindsight Security Labs, a majority-owned subsidiary of Alcatel-Lucent.

Email messages luring users to websites running exploit kits remained the main method of infection during the second quarter of 2012, researchers wrote in the Kindsight Security Labs Malware Report for Q2 2012, released Thursday. The quarterly report identifies statistics and trends for malware infections in home networks, mobile devices, and computers connected through mobile adapters.

Malware Infection Rates 2012Nearly 9 percent of residential households were infected by high-threat malware, such as a botnet, rootkit, or a banking Trojan. About 6 percent were infected with moderate-threat malware such as spyware, browser hijackers, and adware. Some households had multiple infections, Kindsight found.

“We saw an increase in the number of home networks infected as compared to first quarter 2012,” researchers wrote.

While not as publicly well-known as the Flame espionage malware, researchers were more concerned about the ZeroAccess botnet, whch grew to over 1.2 million nodes over the second quarter.

“In recent months, we’ve seen the ZeroAccess botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally,” Kevin McNamee, security architect and director of Kindsight Security Labs, said in a statement.

ZeroAccess is a peer-to-peer botnet that focuses on ad click fraud and malicious bandwidth usage. Infected machines receive instructions from a command-and-control server directing them to click on ads on specific websites. The website owner collects per-click fees from the advertiser after generating fraudulent clicks using the botnet.

“The concern with ZeroAccess is that it is using the subscriber’s bandwidth maliciously which will cost them money as they exceed bandwidth caps. And, once the computer is compromised, it can also spread additional malware or launch new attacks,” McNAmee said.

ZeroAccess consumed bandwidth equivalent to downloading 45 full-length movies per month per subscriber during the second quarter.

Flashback, the Trojan that exploited a Java vulnerability to infect thousands of Mac OS X systems worldwide last spring, infected 10 percent of homes that owned at least one Mac, during the month of April, according to the report.

Speaking of malware that grabbed security headlines over the course of the quarter, Kindsight determined that 10 percent of computers infected with the DNSChanger Trojan still had not been cleaned by the end of June.

On the mobile side, approximately one out of every 140 devices on mobile networks was infected, Kindsight found. These devices were mainly compromised laptops and Android phones connecting to mobile networks. Apple also had its share of mobile woes during the second quarter, thanks to the questionable “Find and Call” app, which harvested user contact lists and spammed the contacts.

According to Kindsight, Android malware samples also increased by 300 percent over the past three months.

“While the increases in malware in this report are a concern, it is the types of malware that is driving this growth that is the thing to watch as we move into Q3,” researchers wrote.

The full report from Kindsight Security Labs can be found here in PDF format.

Written By

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.