If I had to pick just two major malware stories for Q2 2012, I would have to go with the Flashback Trojan and the Android threat explosion. New information shows just how serious the former was (Apple has largely fixed the issue) and how serious the latter still is (Google seems to be fighting a losing battle).
Kindsight recently released its 12-page Malware Report for the last quarter (PDF). Here are the top three Q2 2012 highlights:
The Android malware situation isn't too surprising, but the Flashback number should raise some eyebrows. Here's the corresponding part from the report:
For the first time ever, malware targeting the Macintosh platform was in the number one position on the Kindsight Security Labs home network infections list. Our detection statistics for the month of April show that 1.1% of homes were infected with this malware. Based on a Mac market share this translates into about 10% of homes with Mac computers being infected with this malware during the month of April. Security researchers at Symantec have discovered that in addition to stealing passwords, Flashback is also being used for ad-click fraud.
In other words, the security firm is specifically looking at home networks and Mac market share to extrapolate a more accurate number. Nevertheless, I find the 10 percent statistic a little hard to believe.
Kindsight also commented on the P2P ZeroAccess botnet, which changed its C&C protocol and grew to over 1.2 million computers globally. The result is ad-click fraud that can consume the equivalent bandwidth of downloading as many as 45 full-length movies per month per subscriber.
"In recent months, we've seen the ZeroAccess botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally," Kevin McNamee, Kindsight Security Labs security architect and director, said in a statement. "The concern with ZeroAccess is that it is using the subscriber's bandwidth maliciously which will cost them money as they exceed bandwidth caps. And, once the computer is compromised, it can also spread additional malware or launch new attacks."