" trojans "

Spotlight on Cyber-crime

Ever wanted to know a bit more about cyber-crime and cyber-criminals? PandaLabs, Panda Security’s anti-malware laboratory has recently published an infographic which offers us some useful insights into this criminal activity and presents some interesting facts.

 
Did you know, for example, that more than 31% of computers worldwide are infected with malware?
Predictably, too, the squeaky-clean Swiss top the list of countries with the fewest infections, while South Korea seems to be experiencing the most. Naturally, and NOT coincidentally, the least infected countries are also those that tend to be the most technologically advanced!

 
The Android mobile platform remains vulnerable to attack, as do social networks, which attract criminals intent on stealing personal information. Smug Mac users, too, should lift their heads out of the sand and recognise that they are no longer exempt from attacks. Not too long ago, the Flashback Trojan successfully infiltrated 600 000 Macs.
Fortunately, Panda Security is on hand to help you protect your system. It’s imperative always to have an up-to-date antivirus program in place and to ensure that your operating system and software are always kept up to date.

 
Cyber-crime infographic

Hold Your Horses!

 

Ever wondered about Trojan Horses? PandaLabs, Panda Security’s research and development arm, has published a useful infographic to help demystify these malicious creations, whose name derives from Homer’s Trojan Horse story, as they disguise themselves as seemingly harmless files.

Trojans are malicious software programs specifically designed to steal information or take control of users’ computers. They are also the most common type of malicious software likely to be encountered. In fact, PandaLabs’ recent Quarterly Report has revealed that more than 76.18% of malware infections for the second quarter of 2012 were Trojans! Persistent horses by the sounds of things!

PandaLabs has indicated that, worldwide, 1 in 4 computers is infected.

Trojan horses also serve as reminders of the importance of keeping operating systems, software and antivirus software up to date as well as employing common sense – always useful around horses!
Trojans Infographic

Android, Facebook and HBGary Federal all hacked in the First Quarter of 2011

Global IT vendor Panda Security has published the first PandaLabs Quarterly Report of 2011. This quarter has witnessed some particularly intense virus activity, with the three most serious incidents being the single largest attack against Android cell phones, the intensive use of Facebook to distribute malware, and an attack by the Anonymous hacktivist group against the HBGary Federal security firm.

At the beginning of March, Android experienced the largest attack to date on their software. This assault was launched from malicious applications on Android Market. In just four days these applications, which installed a Trojan, had racked up over 50 000 downloads. The Trojan in this case was highly sophisticated, not only stealing personal information from cell phones, but also downloading and installing other apps without the user’s knowledge. Google managed to rid its store of all malicious apps, and some days later removed them from users’ phones.

With regard to Facebook, George S. Bronk, a 23-year-old from California, pleaded guilty to hacking and blackmail, and now faces up to six years in prison. Using information available on Facebook, he managed to gain access to a multitude of email accounts. Having hijacked an account, he would search for personal information he could then use to blackmail the victim. It would seem that anyone could become a victim of these types of attacks, as even Mark Zuckerberg – creator of Facebook – had his Facebook fan page hacked, displaying the status, “Let the hacking begin”.

The Anonymous cyber-activist group responsible for launching an attack in 2010 against SGAE (the Spanish copyright protection agency), among other targets, is still making headlines. The latest incident was triggered when the CEO of US security firm HBGary Federal, Aaron Barr, claimed to have details of the Anonymous ringleaders. The group took offence and decided to hack the company’s Web page and Twitter account, stealing thousands of emails which were then distributed on The Pirate Bay.

As if that were not enough, the content of some of these mails has been highly embarrassing for the company, bringing to light certain unethical practices (such as the proposal to develop a rootkit), forcing Aaron Barr to stand down as CEO.

Malware Continues to Grow…

So far in 2011, there has been a surge in the number of IT threats in circulation: in the first three months of the year, there was a daily average of 73 000 new samples of malware, the majority of which were Trojans. This means that hackers have created 26% more new threats in the first months of 2011 than in the corresponding period of 2010.

Once again, Trojans have accounted for 70% of all new malware created. This comes as no surprise, as these types of threats are favored by organized criminals for stealing bank details with which to perpetrate fraud or steal directly from victims’ accounts. As ever, Panda advises all users to ensure that computers are adequately protected. With this in mind, Panda offers a series of free tools including Panda Cloud Antivirus and Panda ActiveScan.

For more information about Panda, visit http://www.pandasecurity.com/.

Follow Panda SA on Facebook and Twitter

Hackers use Facebook, Cracks, Videos and Installers to Infect Users

  • eBooks are increasingly used as bait
  • Natural disasters and events are frequently exploited by hackers

Global Cloud Security Company Panda Security has released a study on the nature of malware-infected websites blocked by the company’s antivirus solutions in Quarter 1 2011. According to the research, 25% of sites used video and multimedia contents as bait; 21.6% referred to installers or program updates; 16.5% claimed to contain cracks and keygens, and 16% were social media URLs. eBooks are in fifth place on the list (5.25% of occurrences), followed by P2P downloads and adult content.

“Users continue to fall victim to malicious links offering to take them to an exciting video or the new episode of their favorite TV show”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “This technique has become a weapon of choice for hackers as it requires minimum investment and attracts a large number of victims.”

Most Blocked URLs in Quarter 1

The three sites most blocked by Panda solutions in the first quarter of the year are Brazilian Web pages, the first one referring to a video released by the Japanese consulate showing the rescue of a group of tsunami survivors.

The second site contains a video supposedly showing a short circuit causing the death of 15 people, and the third one supposedly contains footage of a police officer being fired because of his Internet activities.

“Attackers exploit hot topics and users’ morbid curiosity”, continues Matthews. “Most people are interested in watching footage from Japan’s earthquake.”

Popularity Ranking

The study shows user preferences in relation to the malware lures used. For example, if you take a look at P2P applications, you’ll see that the most popular program is Ares, followed by Torrent and eMule. As for social networks, Facebook is still the king, way ahead of MySpace.

The most searched for operating system is Windows, followed by Mac and Linux. Finally, Explorer still dominates the Web browser market, with Firefox and Chrome trailing behind.

It has become increasingly difficult for users to differentiate between fake and real websites and sometimes it’s hard for users to tell if their system has been infected. This is why Panda offers users Panda Cloud Antivirus, a free tool for them to get a ‘second opinion’ on the health status of their computers. Panda Cloud Antivirus scans your PC thoroughly even if you have other antivirus programs installed.

“Most of these sites download Trojans onto users’ computers without their knowledge. Therefore, a good security solution capable of blocking them proactively is extremely helpful for users who, in most cases, cannot distinguish between ‘good’ and ‘malicious’ websites”, concludes Matthews.


Cyber-activism and Cyber-warfare major IT Security Topics in 2011

  • WikiLeaks is ‘unstoppable’
  • Cyber-activism on the increase, but cyber-war is an ‘exaggerated term’

Global IT vendor Panda Security reports that cyber-activism and cyber-warfare will continue to be major topics in IT security this year.

The 3rd Security Blogger Summit, recently hosted by Panda in Madrid, focused on cyber-activism and cyber-war as well as on the new dangers posed to users and institutions on the Internet. The roundtable discussion highlighted the most recent examples of these emerging trends, international cooperation and the limits of these activities on the Web. The discussion also centered on the new trends for 2011 and the legal framework against this type of Web activity.

Opinions about cyber-activism and WikiLeaks proved relatively united, with most of the participants agreeing that it is an unstoppable phenomenon. “There is no way to stop a phenomenon like WikiLeaks”, said Enrique Dans, panel member. “In the future anybody will be able to disclose relevant information from a website, as contaminated as this might be.”

Bob McMillan, a San Francisco-based computer security journalist, explained that, in his opinion, “WikiLeaks is as important as The New York Times. It has helped those who wanted to expose sensible information, and to think of changing the legislation in the wake of a denial of service attack like those in the operation ‘Avenge Assange’ is very difficult”. Operation ‘Avenge Assange’ was initiated by the Anonymous group and Operation Payback, targeting firstly organizations trying to close the net on Internet piracy, and later in support of Julian Assange, editor-in-chief of WikiLeaks.

Cyber-activism was discussed as a growing occurrence. Participants agreed that technical evolution means people are able to replace meetings and gatherings with internet-based tools. Furthermore, the global situation that this evolution has created means that cyber-activism is possible on an international scale, and it is becoming less and less necessary to gather large numbers of people in order to attract attention. IT researcher Rubén Santamarta indicated that, “Cyber-activism was born from the global situation we live in. Even users with limited technical know-how can join in the distributed denial of service attacks (DDoS) or spam campaigns.”

Despite hasty attempts in many countries to pass legislation to counter this type of activity, effectively by criminalizing it, Panda believes that in 2011 there will be yet more cyber-protests, organized by this group or others that will begin to emerge.

Cyber-war: Reality versus sensationalism

The Summit participants also discussed some of the most relevant examples of cyber-war, such as the alleged attacks targeting Iran’s nuclear plants using the Stuxnet Trojan, as well as Operation Aurora, concerning attacks on Google from China in order to steal secret corporate information.

Panel members Elinor Mills and Bob McMillan both pointed out that the term ‘cyber-war’ was ‘too exaggerated’ for the actual events taking place. “We still do not know the real dimensions of cyber-war and it is easy to confuse it with espionage or even cyber-crime”, explained Elinor Mills. Bob McMillan added that, “Even though Stuxnet has been used as a cyber-weapon, it does not mean that we are already knee deep in a cyber-war. If there really was a cyber-war, it would be on a global scale, as with the two Great Wars of the 20th century.”

However, others insisted that the cyber-war phenomenon is in its early stages and will probably become a reality in 10 years’ time. “We are talking about a war without an army. It is a fourth-generation war where it is possible to damage a country without having to invade it with soldiers”, says Santamarta. “A country can have another one under control through the Internet even before they have declared war on each other”, he concludes.

While the debate over cyber-war and its effects continues, Panda believes that these kinds of web attacks will increase in 2011, with many of them remaining unnoticed by the general public.

More information about the 3rd Security Blogger Summit is available at www.securitybloggersummit.com.


Mac gets Panda Antivirus Corporate Edition

  • The new corporate solution protects Mac computers and servers
  • In 2010, 308 vulnerabilities were discovered in Mac OS X; 67% of these were classified as highly critical

Global IT vendor Panda Security has announced the launch of Panda Antivirus for Mac Corporate Edition. The new solution, for Mac desktops, laptops and servers, delivers complete protection against all types of malware able to affect Mac OS, Mac OS X, Windows and Linux, protecting users not just against threats designed specifically to target the Apple platform, but also preventing Mac users from transmitting malware for other operating systems.

“Many companies, universities and other organizations now operate with a diverse network topology including Mac servers and workstations operating alongside Windows systems”, says Jeremy Matthews, head of Panda’s sub-Saharan operations. “In these environments it is very important not just to protect against specific threats that target Apple platforms, but also against those Windows threats that can be transmitted via Mac and infect all systems.”

Panda Antivirus for Mac protects against all types of threats in near real-time. It can also scan Apple iPhone, iPad and iPod, thereby ensuring that if any of these devices is carrying malware, they won’t infect other similar devices or the Mac computer or server.

It is also designed specifically not to impact performance, as it operates silently taking advantage of available resources or low workloads.

The antivirus scans folders, files and email, detecting and eliminating or blocking all types of threats initially designed for Windows, but which also affect Mac. These threats include Trojans, spyware, keyloggers, adware, hacking tools, botnets, dialers, scareware and other Macro viruses.

2010: A turning point for Mac security

In 2009 some 34 vulnerabilities were detected in Mac OS. This figure rose to 308 in 2010, with 67% of these vulnerabilities classified as highly critical, indicating that any attacker could take remote control of unpatched systems, among other actions.

“2010 has been an intense year for threats”, says Luis Corrons, technical director of Panda. “We have collected over 20 million new examples of malware, and the figure continues to rise. Every day our laboratory receives some 63,000 new threats. Regarding Mac, we’ve seen an increase in the number of threats designed specifically for this platform, although there are many more that can affect corporate Mac users: all Office macro viruses, for example. And there are other types of threats which all Mac users are exposed to, such as phishing, or vulnerabilities in popular programs including browsers, PDF readers, etc.”

Price and availability

The solution is available from February 2011 for R208* per license for workstations, servers and the administration console (12 months with full services, for license ranges between 100 and 199 seats).

For more information go to: http://www.pandasecurity.com/enterprise/solutions/mac-corporate-edition

*Price at rate of exchange

 About Panda Security

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions, with products available in more than 23 languages and millions of users located in 195 countries around the world. Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology. This innovative security model can automatically analyze and classify thousands of new malware samples every day, guaranteeing corporate customers and home users the most effective protection against Internet threats with minimum impact on system performance. Panda Security has 61 offices throughout the globe with US headquarters in Florida and European headquarters in Spain. In 2006, Jeremy Matthews founded Panda’s local subsidiary in Cape Town, opening the international vendor’s first presence on the African continent.
