Woburn, MA – August 4, 2014 – Kaspersky Lab today issued its quarterly threat report, finding that Kaspersky Lab products detected and neutralized a total of 995,534,410 threats in the second quarter of 2014. During the quarter, the Company reported on targeted attacks and malware campaigns, and saw an increase in online banking threats and mobile malware.
The main targeted attacks during the quarter included the banking fraud campaign Luuuk that stole half a million euros from 190 victims in just one week, the latest HackingTeam Remote Control System software used for pervasive device surveillance, as well as the first in-the-wild mobile encryptor Pletor that has already infected 2,000 devices in 13 countries in less than a month. Also a MiniDuke APT campaign, re-loaded from early 2013 to target government, energy, military, and telecom sectors and even traffickers of illegal steroids and hormones.
Web-based attacks
- 354.5 million attacks were launched from online resources located all over the world, which was 1.3 million more than in the first quarter.
- There were changes to the top five sources of web attacks as Germany rose from fourth to first – its share increasing by 12 percent. The US (22%) dropped from first to second after its share fell by six percentage points. 44 percent of neutralized web attacks were carried out using malicious web resources located in these two countries. They were followed by the Netherlands (+3 percentage points in Q2), which remained in third place, the Russian Federation (-2.5 percentage points) and Canada (+6.3 percentage points).
Mobilethreats
- At the end of Q1 2014, Kaspersky Lab’s collection of mobile malware stood at almost 300,000 samples. In the second quarter the collection increased by more than 65,000 new malicious mobile programs.
Cybercriminals have increasingly exploited iOS functions, with an attack on Apple ID completely blocking a device. This is followed by demands for a payment to be made to unlock the device. This news exposed the activities of Hacking Team, an Italian company that sells “legal” software called Remote Control System (RCS). Kaspersky Lab published the results of its latest research into the software showing a number of mobile malware modules for Android, iOS, Windows Mobile and BlackBerry that came from HackingTeam. The iOS module allows an attacker to access data on the device, to secretly activate the microphone and to take regular camera shots. This gives complete control over the whole environment in and around a victim’s device.
In May, Kaspersky Lab discovered the first mobile encryptor in the wild. Named Pletor, it locks the phone for "viewing banned porn content," encrypts the smartphone memory card and displays a ransom demand. In addition, ransomware technology proved to be actively developing throughout the quarter. In early June, Kaspersky Lab detected a new modification of Svpeng aimed primarily at users in the US. The Trojan locks the phone and demands $200 to unlock it.
Onlinebankingthreats
- Banking malware attacked 927,568 computers in Q2. The figure for May saw a 36.6 percent increase compared to that for April.
- Most attacks were recorded in Brazil, Russia, Italy, Germany and the US.
- 2,033 mobile banking Trojans were detected in the last three months. Since the beginning of 2014 their number has increased fourfold, and over the last year (since July 2013) the figure has increased 14.5 times.
- Nine out of 10 families of popular banking malware work by injecting a random HTML code in the web page displayed by the browser and intercepting any payment data entered by the user in the original or inserted web forms.
Malicious objects
- 60 million unique malicious objects (scripts, web pages, exploits, executable files, etc.) were detected, double the figure for Q1 2014.
- Kaspersky Lab analyzed two new SWF exploits in mid-April, later confirmed by Adobe as a new zero-day.
- 145.3 million unique URLs were recognized as malicious by web antivirus – 63.5 million more than in the previous quarter.
Quote:
Alexander Gostev Chief Security Expert, Global Research and Analysis Team
Kaspersky Lab
“The first six months of the year have shown that, as predicted, encryption of user data on smartphones has evolved. Criminals are making money by using methods that have proven effective for PC users. The growing interest in ‘big’ money among those carrying out these attacks is obvious – reflected in a sharp rise (14.5 times) in the number of banking Trojans over the last year. In addition to the financial benefits, the surveillance technology race is showing no let up. HackingTeam mobile modules showed that a mobile device can be used to gain complete control over the whole environment in and around a victim’s device.”
The full report is available at securelist.com
Media Contact
Sarah Bergeron
781.503.2615
781.503.2615
sarah.bergeron@kaspersky.com
