APAC accounted for majority of botnet detections globally

Asia-Pacific contributed more than 50 percent of total botnet detections in the second half of 2016, with the Philippines, Indonesia, India, Thailand, and Malaysia among top 10 countries.
Written by Eileen Yu, Senior Contributing Editor

Asia-Pacific is proving to be a haven for botnets, accounting for more than half of all detections worldwide, but remains somewhat unscathed from ad fraud, adware, and ransomware.

Three countries in the region were among the top five locations for botnet detections, led globally by the Philippines, according to a report by Malwarebytes, which assessed data from nearly 1 billion malware detections between June and November 2016, across some 100 million Windows and Android devices in 200 countries. The report focused on six threat types: ransomware, ad fraud malware, Android malware, botnets, banking Trojans, and adware.

Botnet detections in the Philippines were nearly four times more than that in Indonesia, which was ranked second on the global list. India also was among the top five, while Thailand and Malaysia were among the top 10 countries globally with the most botnet detections. These five Asia-Pacific markets alone accounted for nearly half of total detections.

The report further noted that developed markets in the region accounted for less than 0.5 percent of global botnet detections.

"In Asia Pacific, we are seeing that botnets are particularly rampant, " said Jeff Hurmuses, Asia-Pacific area vice president and managing director for Malwarebytes, which regional headquarters was Singapore.

"A particularly sneaky malware, botnets can remain undetected for long periods of time and expose users to other malware threats and infections," Hurmuses. "As individuals and businesses become more reliant on computing in their professional and daily life, it is imperative they remain aware of new cyberattack methodologies and how these can impact them."

Three markets in the region also were among the world's top 10 locations for malware infections, with Indonesia placed fourth, while India and the Philippines were seventh and eighth, respectively.

Again, emerging markets such as Indonesia, India, Philippines, Thailand, and Malaysia seemed more susceptible to malware infections, the report noted, which suggested that this could be due to the high availability of pirated software and number of third-party app stores in these markets.

The region, though, remained somewhat unscathed from ad fraud malware, adware, and ransomware. All markets here accounted for no more than 2.5 percent of detections globally in these three threat categories, where attacks had focused on developed markets in Europe and the US.

This, however, could change when these regions rolled out measures to combat such tactics, prompting cybercriminals to divert their attention towards developed markets in Asia-Pacific.

The Malwarebytes report also found increased use of randomisation in malware attacks to circumvent detection by mobile security systems. This had driven up the number of malware infections on Android devices worldwide.

Such malware was particularly rampant in Indonesia, India, the Philippines, and Malaysia, fuelled largely by the use of unsecured third-party app stores. In fact, Indonesia, India, and the Philippines were among the top 10 global locations for Android malware detections, accounting for more than 15 percent of total detections.

E-mail remained a popular distribution platform for malware, with phishing attacks including malicious attachments resurfacing in the second half of last year. Malwarebytes projected that exploit kits, particularly RIG, also would reemerge as the standard for malware distribution in the near future.

The Philippines and Thailand also accounted for more than 20 percent of banking Trojan detections globally, with the former contributing almost twice as many as the number detected in the Thai market. The Asia-Pacific region accounted 27 percent of the global number of banking Trojans.

A Trend Micro report earlier this month revealed that Asia-Pacific saw the highest number of attempted attacks across different forms last year, clocking 317,833 online banking malware, for instance, This was three times higher than North America and six times more than Latin America.

In addition, 27 percent of ransomware attacks launched were targeted at enterprises and individuals based in Asia-Pacific, compared to 25 percent aimed at EMEA, and 22 percent at Latin America. Last year also saw record number of online extortion, where ransomware grew by 752 percent and clocked US$1 billion in financial gains, according to Trend Micro.

Editorial standards