Scareware and Rogue AV are back with a vengeance in 2011, after receding in 2010 according to Kaspersky Lab’s latest threat evolution report.
According to the report, the rogue AV resurgence is significant not only in scope, which was substantial, with the Kaspersky Security Network (KSN) detecting a 300 percent increase in scareware blockage, but also in that a number of fake AV scams were targeting Mac OS X users. Yuri Namestnikov, the report’s author, claims the most troubling aspect of this trend, and perhaps the reason why the trend exists in the first place, is that Mac users, who have become very comfortable with that lack of malware targeting their platform, are now woefully ill-equipped to combat it.
The company’s second quarter report finds that, although the mainstream media have been focused on hacktivist groups like LulzSec and Anonymous, law enforcement is making progress in fighting online crime and laying the groundwork for cross-border cooperation.
The report notes the the take-over and eventual take-down of Coreflood and it’s zombie-network. In the US, federal law enforcement has done its best to quell the wave of hacktivism and cyber-vandalism from groups like LulzSec and Anonymous attacking corporations like Sony and government and law enforcement agencies like the CIA and US Senate. Another interesting precedent was established in Japan, where the Parliament passed a piece of legislation that effectively made it a crime to either store or create malware on your computer.
On the (growing) mobile malware front, Android had a tough quarter in particular with new variants of the DroidDream trojan infiltrating the Official Android Market and the widespread utilization of the “Rage Against the Cage” exploit. Even more concerning for the mobile market is the continued explosion of malicious programs targeting the Android and J2ME platforms, begging the question from certain industry experts, will Android be the new Windows?
Some interesting statistics from the report are that 10 countries, chief among them the U.S. and Russia, accounted for some 87 percent of the resources used to distribute malware in this quarter. Also interesting is that while the US remains in the average risk of infection category, like with its credit rating, America is dangerously close (within one percent) of entering into the category of countries where surfing the Web is a high-risk activity. For the first time ever, the top ten vulnerabilities on user’s computers came from the products of only two companies, Adobe and Oracle (java). Furthermore, seven of the top ten vulnerabilities came from one product, Adobe Flash Player. On average, Kaspersky detected 12 vulnerabilities on each computer in the KSN.