" virus "

2015-PandaLabs-Forecast

2015 Malware Predictions from PandaLabs

PandaLabs have released their predictions for IT security in 2015, based on reports and attacks in 2014.

CryptoLocker

This type of malware was in the spotlight in 2014, and these types of attacks are set to increase in 2015.

CryptoLocker operates in straightforward fashion: Once it gets into a computer, it encrypts all types of documents that could be valuable to the user (spreadsheets, documents, databases) and blackmails the victim into paying a ransom to recover the files. This type of malware is also known as ransomware.

Payment is most often demanded in bitcoins, so that it cannot be traced by the police, making this type of attack ideal for cyber-criminals – as many users choose to pay in order to recover the “hijacked” information.

Targeted attacks

A small percentage of the millions of new malware strains that appear every month are specifically created to attack previously defined targets. These attacks, known as targeted attacks, are becoming more common and will be highly significant during 2015.

Many companies are unaware that they could be the targets of such attacks and therefore do not have appropriate measures for detecting or stopping them.

(more…)

Q3-Image

PandaLabs Q3 Results: Trojans exceed PUPs in the third quarter

The results for the third quarter show that malware continues to break records, averaging at 227 747 new samples created daily.

The last four months has seen large high profile organisations fall victim to cyber-attacks; companies such as JP Morgan Chase, Target, Home Depot and online services such as Dropbox and iCloud.

The most recent victim is Sony. The hack on the company led to upcoming films and workers’ personal data, such as social security numbers and salaries being leaked online. The malware used in the attack was undetectable by industry standard antivirus software and was damaging and unique enough to cause the FBI to release a flash alert to warn other international organisations of the critical threat.

Trojans continue to be the most common malware during Q3, accounting for 75% of infections, compared to 62.80% in the previous quarter. PUPs ranked second, representing 14.55%of infections, decreasing since Q2. Adware/spyware comprises 6.88% of infections, worms at 2.09% and viruses at 1.48% – down since the second quarter.

The global infection rate increased from 36.87% in Q2 to 37.93% in Q3. The results for each country shows that China is still at the top, reaching an infection rate of 49.83%. China is followed by Peru at 42.38% and Bolivia at 42.12%.

Europe remains the region with the lowest infection rate, with nine European countries ranking in the top ten most secure countries.

The full report is available here.

Spotlight on Cyber-crime

Ever wanted to know a bit more about cyber-crime and cyber-criminals? PandaLabs, Panda Security’s anti-malware laboratory has recently published an infographic which offers us some useful insights into this criminal activity and presents some interesting facts.

 
Did you know, for example, that more than 31% of computers worldwide are infected with malware?
Predictably, too, the squeaky clean Swiss top the list of countries with the least infections as opposed to South Korea which seems to be experiencing the most infections. Naturally,and NOT coincidentally, the least infected countries are also those that tend to be the most technologically advanced!

 
The android mobile platform remains vulnerable to attack as do social networks which attract criminals intent on stealing personal information. Smug Mac users, too, should lift their heads out of the sand and recognise that they are no longer exempt from attacks. Not too long ago, the Flashback Trojan successfully infiltrated 600 000 Macs.
Fortunately, Panda Security is on hand to help you protect your system. It’s imperative always to have an up-to-date antivirus program in place and to ensure that your operating system and software are always kept up to date.

 
Cyber-crime infographic

Mac gets Panda Antivirus Corporate Edition

–       The new corporate solution protects Mac computers and servers

–       In 2010, 308 vulnerabilities were discovered in Mac OS X, 67% of these were classified highly critical

Global IT vendor Panda Security has announced the launch of Panda Antivirus for Mac Corporate Edition. The new solution, for Mac desktops, laptops and servers, delivers complete protection against all types of malware able to affect Mac OS, Mac OS X, Windows and Linux, protecting users not just against threats designed specifically to target the Apple platform, but also preventing Mac users from transmitting malware for other operating systems.

“Many companies, universities and other organizations now operate with a diverse network topology including Mac servers and workstations operating alongside Windows systems” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “In these environments it is very important not just to protect against specific threats that target Apple platforms, but also against those Windows threats that can be transmitted via Mac and infect all systems.”

Panda Antivirus for Mac protects against all types of threats in near real-time. It can also scan Apple iPhone, iPad and iPod, thereby ensuring that if any of these devices is carrying malware, they won’t infect other similar devices or the Mac computer or server.

It is also designed specifically not to impact performance, as it operates silently taking advantage of available resources or low workloads.

The antivirus scans folders, files and email, detecting and eliminating or blocking all types of threats initially designed for Windows, but which also affect Mac. These threats include Trojans, spyware, keyloggers, adware, hacking tools, botnets, dialers, scareware and other Macro viruses.

2010: A turning point for Mac security

In 2009 some 34 vulnerabilities were detected in Mac OS. This figure rose to 308 in 2010, with 67% of these vulnerabilities classified as highly critical, indicating that any attacker could take remote control of unpatched systems, among other actions.

“2010 has been an intense year for threats” says Luis Corrons, technical director of Panda. “We have collected over 20 million new examples of malware, and the figure continues to rise. Every day our laboratory receives some 63,000 new threats. Regarding Mac, we’ve seen an increase in the number of threats designed specifically for this platform, although there are many more that can affect corporate Mac users: all Office macro viruses, for example. And there are other types of threats which all Mac users are exposed to, such as phishing, or vulnerabilities in popular programs including browsers, PDF readers, etc.”

Price and availability

The solution is available from February 2011 for R208* per license for workstations, servers and the administration console (12 months with full services, for license ranges between 100 and 199 seats).

For more information go to: http://www.pandasecurity.com/enterprise/solutions/mac-corporate-edition

*Price at rate of exchange

 About Panda Security

Founded in 1990, Panda Security is the world’s leading provider of cloud-based security solutions, with products available in more than 23 languages and millions of users located in 195 countries around the World. Panda Security was the first IT security company to harness the power of cloud computing with its Collective Intelligence technology. This innovative security model can automatically analyze and classify thousands of new malware samples every day, guaranteeing corporate customers and home users the most effective protection against Internet threats with minimum impact on system performance. Panda Security has 61 offices throughout the globe with US headquarters in Florida and European headquarters in Spain. In 2006, Jeremy Matthews founded Panda’s local subsidiary in Cape Town, opening the international vendor’s first presence on the African continent.

 For more information about Panda, visit http://www.pandasecurity.com/.

Follow Panda SA on Facebook and Twitter

The Virus Hall of Fame 2010

Global IT vendor Panda Security is closing the year with a light-hearted look at the viruses that have appeared over the last twelve months. The 20 million new strains of malware in 2010 have made it no easy task. However, this is not a list of the most prolific threats or those that have caused most infections. These are simply some of the viruses that, for one reason or another, have caught Panda’s eye.

So here are the viruses that have made the ‘Virus Yearbook 2010’: 

–       The mischievous Mac lover: This title has been earned by a remote-control program with the worrying name of HellRaiser.A. It only affects Mac systems and needs user consent to install on a computer. Yet once installed, it can take remote control of the system and perform a whole host of functions… it can even open the DVD tray!

–       The Good Samaritan: Surely some of you will have guessed… Bredolab.Y comes disguised as a message from Microsoft Support claiming that a new security patch for Outlook has to be installed immediately… But watch out! If you download the antivirus you will have installed the SecurityTool rogueware, which will start telling you that your system is infected and that you should buy a certain solution to fix it. Of course, if you pay for the program, you will never receive it, it will not resolve the problem and that’s the last you will see of your money… 

–       Linguist of the year. Times are hard, there’s no doubt… And hackers increasingly have to adapt to new trends and do what they can to find new victims. The lengths they’ll go to trick people know no bounds. Some even learn new languages! As such, our award for the linguist of the year goes to MSNWorm.IE. This virus, which in itself is nothing special, is distributed via Messenger with a link tempting the user into viewing a photo… in 18 languages! At least the emoticon at the end “:D” is universal…

–       The most audacious: This year, the award goes to Stuxnet.A. If we had to choose a soundtrack for this virus, it would have to be something like that of the “Mission Impossible” or “The Saint”. This malicious code has been designed to target SCADA systems, i.e. critical infrastructures. The worm exploits a Microsoft USB security hole with a view to getting right to the core of nuclear plants… Just like the plot of a Hollywood film.

–       The most annoying: Oscar. Remember how viruses used to be? Or those ‘jokes’ that once installed would ask: “Are you sure you want to close the program? Yes – No?”. No matter what you clicked, the same screen would appear: “Are you sure you want to close the program?”, time and time again, enough to try the patience of a saint… Well that’s what this worm does: Oscarbot.YQ. Once it is installed, start praying, or doing yoga, or meditating… whatever you can think of, because it will drive you mad. Every time you close it, another screen opens asking another question, or opening a browser window, or… The most annoying, without a doubt.

–       The most secure worm. Clippo.A, a name that might remind some users of “Clippy”, the nickname of the Microsoft office assistant in the form of a paperclip, is the most secure of worms: once installed on a computer it password-protects all office documents. This way, when a user tries to open them, it will be impossible if they don’t have the password. But why does it do this? This is the strange bit… for no reason! No ransom is demanded, users are not asked to buy anything… it is just there to annoy you. Yet this is no fun for anyone who’s infected, as there is no other visible symptom.

–       A victim of the crisis: Ramsom.AB. The economic crisis is affecting many people around the globe, and this is mirrored in the world of cyber-crime. Some years ago, any ransomware (programs that block computers and demand a ransom to release them) worth its salt would demand a hefty fee: upwards of $300. Now with the crisis, the recession and competition among cyber-criminals… everyone’s feeling the pinch. So now for just $12 you will be able, supposedly, to reclaim your computer. Times are hard… you almost feel sorry for them.  

–       The most economical with the truth. This year, this distinction goes to SecurityEssentials2010 (the fake one that is, not the official MS antivirus). This comes under the category of adware, but acts like any other fake antivirus. It tells victims that their computers are rife with infection and in danger, and it won’t stop until they ‘buy’ the solution. In this way it is the same as any other rogueware. Yet the design is so convincing, with authentic looking messages, screens, etc., that it has made the top 10 infections of the year. So watch out, and don’t believe a word!

To close the yearbook for 2010, we would like to make special mention of the insect of the year: the Mariposa (Butterfly) botnet, which was dismantled in March and led to the arrest of, the creators thanks to the collaboration between Panda Security, the Spanish Civil Guard, FBI and Defense Intelligence… Like a true insect, it fed on the nectar of other people’s computers, flitting from one to another… and compromised a total of 13 million computers around the world. This is one bug you never want to see in your garden, and certainly not on your computer.

For more information about Panda, visit http://www.pandasecurity.com/.

Follow us on Twitter: PandaSecurityZA and Facebook: Panda Security South Africa

Panda marks Universal Children’s Day with web safety advice for kids

Panda Security marked Universal Children’s Day on the 20th of November with advice to children on how to use the Internet responsibly and ensure they enjoy the Web as safely as possible. This initiative from Panda Security aims to promote responsible and secure use of the Internet among young people, and is part of the company’s “Kids on the Web” campaign (www.kidsontheweb.com).

With this in mind, Panda offers this simple, practical guide to children:

  1. Don’t click suspicious links. When using instant messaging programs (such as MSN Messenger or any other chat application) or you receive an email, never click directly on any links. If the message or email comes directly from someone you know, then type the address in the browser. If you don’t know the person that it has come from, the best thing to do is to ignore it.
  2. It is dangerous to download or run files from unknown sources. You have probably gotten instant messages inviting you to download a photo, a song or a video. This file could have been sent by a dangerous program that has infected a friend’s computer and which is trying to spread to other users. Just in case, the best thing to do is ask your friend if they have really sent something. If they haven’t, let them know that they are infected so they can delete the file.
  3. Don’t speak to strangers. In chat rooms, social networks or across instant messaging, you can never be completely sure who you’re speaking to, as you can’t see them. Especially in online communities, where people have never met in real life. Never make friends with strangers, and never ever arrange to meet them in real life.
  4. Don’t send private information across the Internet. Never send private information (your address or phone number, etc.) via email or instant messaging, and never publish this kind of information in a blog or on a forum. You should also take care when you create profiles for sites such as Facebook or Myspace. You should never include information such as your age or your address.
  5. If you have the slightest doubt, be careful. If a program you don’t remember installing begins to display false infections or pop-ups inviting you to buy some type of product, be wary. You probably have some type of malware installed on your computer.
  6. Don’t browse the Web alone. If you’re going to search on the Internet, it’s much better to get an adult to guide and advise you on where to look. It is far more secure to visit trustworthy and official sites rather than unknown Web pages.
  7. Talk to your parents or teachers. If you see something suspicious or you receive a nasty or dangerous email, speak to an adult. They will be able to advise you.

“Many young children have online acces and the ‘digital gap’ between parents and children is exposing many young people to the dangers of the Internet”, explains Jeremy Matthews, head of Panda’s sub-Saharan operations. “We need to make sure our children can enjoy the Web in a healthy way. We always advise that the best way to achieve this is for parents and children to have a relationship based on trust, so it is not necessary to be constantly monitoring kids while they’re on social networks and the like”, he concludes.

More information at www.pandalabs.com

For more information about Panda, visit http://www.pandasecurity.com/.

Visit our Facebook Page and Follow us on Twitter http://www.twitter.com/PandaSecurityZA