PandaLabs, Panda Security’s malware research laboratory, has confirmed a record increase in the creation of new malware samples in its latest Report covering Q2 2015. In the second quarter of 2015 alone there were an average of 230,000 new malware samples detected each day, which means a total of 21 million new types in these three months. Compared to the same period last year, where there were 160,000 registered samples, this is an increase of 43%. The majority of these samples are variants of known malware, mutated by cybercriminals to try and stop the antivirus laboratories from detecting the infections.
Trojans continue to be, by a large margin, the most common (71.16%) source of infection, with 76.25% of users infected by this type of malware. This quarter also saw the proliferation of PUPs (Potentially Unwanted Programs) which accounted for 14.39% of infections, placed just behind Trojans.
Cryptolocker, the big threat to businesses and users
Among the main threats that this study investigated was the use of Cryptolocker, and how cybercriminals have begun to reuse an old technique to infect users, one which was first seen 20 years ago. It involved infecting users via a macros in Office documents, especially Word. To complete this attack, the criminals included a blurred image which could only been seen if the user activated the macros. Once the user does this, they are infected with Cryptolocker.
“Cyber hackers are looking at businesses more and more as it is relatively easy for them to steal information”, affirms Luis Corrons, Technical Director of PandaLabs. “Sometimes it’s as simple as introducing a variant of Cryptolocker in a file that is sent to an employee and, once it’s opened, the security of the entire company is at risk”.
This quarter also saw attacks on mobile devices. One of the ways in which hackers have duped their victims is by WhatsApp. Called WhatsApp Trendy Blue. It passes itself off as a “new version” of the application with extra features when, in reality, the only thing it does is sign the user up to an expensive billing service.
In June, PandaLabs detected a phishing campaign directed at Android developers that published their creations on the Google Play store. The trick consisted of stealing password information in order to propagate malware via Google Play.
Asia and Latin America register the highest rates of infection
PandaLabs’ Quarterly Report also collected information on the rate of infection worldwide, according to computer’s protected by Panda’s software. The areas with the highest rate of infection were Asia and Latin America, which placed above the average of rate of infection (33.21%). China was the country with the highest rate of infection (47.53%), followed by Turkey (43.11%) and Peru (41.97%).
On the other end of the scale, Europe and Japan were the areas with the lowest rate of infection. Sweden (21.57%), Norway (22.22%), and Japan (23.57%) are the countries with the lowest infection rates worldwide, followed by Switzerland (24.41%) and UK (25.17%).
However, some European countries recorded infection rates above the global average such as Spain (36.37%), Poland (38.48%), and Slovenia (38.05%), while in Latin America there were rates of 38.21% and 37.86% in Brazil and Colombia, respectively.