AVG has announced the release of AVG Technologies’ “AVG Community Powered Threat Report – Q2 2011”, providing insight, background and analysis on the trends and developments in the global threat landscape.
The report unearths how ‘trusted malware’ is continuing to grow at an alarming rate. In Q2, AVG’s Threat Labs have seen an increase in the number of stolen digital certificates used to sign malware, before being distributed by hackers. A significant increase of over 300% was identified at the start of 2011, compared to the whole of 2010. The practice of trusting signed files is rapidly losing its strength.
Also, as Macs continue to rise in popularity, they are increasingly becoming the latest victims of cybercrime, the report reveals. With the platform reaching crucial market share levels, it is starting to appear on the radar of cyber criminals. While it may be a new target platform, cyber criminals are using tried and tested social engineering techniques to attack Mac OS users.
Increasingly, cyber crooks are using mobile malware to monetize using premium SMS and fake apps. Monetizing techniques via mobile are much easier to operate than those in use on PC. By spamming users to download apps or simply posting them on download stores or markets, the software distribution is easy and scalable.
The report provides insight into the most prevalent malware targeting online banking in the past few years – SpyEye. The rise in SpyEye means that users of internet banking need to be extra vigilant, especially as victims of cyber-attacks are increasingly considered to be accountable.
A recent court ruling in the US concluded that it was in fact the victim’s responsibility to protect their account credentials, rather than the bank – namely via the use of internet security and identity protection tools.
The AVG Threat Labs investigated the operation of 702 Command and Control servers in the first half of 2011. The research results match the geo location of the servers as well as the popularity of the various malware versions in use by each C&C. The US holds the lead in Command and Control Servers with 30% of the market share, followed by Ukraine with 22%.
The United States still remains the dominant source of spam with English as the main language used in spam messages, followed by the UK with Brazil only just coming third. However, Brazil is rapidly closing that gap and is on course to overtake the UK, likely in the next quarter.