Malwarebytes, the malware* prevention and remediation solution, has released the inaugural Asia Pacific State of Malware Report 2017. The report examines** the top malware threats present in the region for 2016, and chart a significant shift in cybercriminal attack and malware methodology from previous years.
The study reveals that ransomware, ad fraud and botnets have risen to prominence in the current threat landscape. Particularly in Asia Pacific (APAC), botnets reigned supreme with the region accounting for more than 50% of botnet incidences globally. Banking Trojans were also rampant – the region comprised more than a quarter (27%) of detections across the globe. Furthermore, Android malware was also present in significant numbers in the region.
Jeff Hurmuses, Area VP and MD, Asia Pacific, Malwarebytes said, “To protect users in Asia Pacific from cyber criminals, we must possess an intimate understanding of their methodologies and tactics.
"In Asia Pacific, we are seeing that botnets are particularly rampant. A particularly sneaky malware – botnets can remain undetected for long periods of time and expose users to other malware threats and infections. As individuals and businesses become more reliant on computing in their professional and daily life, it is imperative they remain aware of new cyber attack methodologies and how they can impact them.”
Key findings include:*
"In Asia Pacific, we are seeing that botnets are particularly rampant. A particularly sneaky malware – botnets can remain undetected for long periods of time and expose users to other malware threats and infections. As individuals and businesses become more reliant on computing in their professional and daily life, it is imperative they remain aware of new cyber attack methodologies and how they can impact them.”
Key findings include:*
Total Malware
| |||
Country
|
APAC ranking
|
Detection rate
|
Global ranking
|
Indonesia
|
1
|
3.8%
|
4
|
India
|
2
|
2.9%
|
7
|
Philippines
|
3
|
2.8%
|
8
|
Thailand
|
4
|
1.5%
|
14
|
Malaysia
|
5
|
1.1%
|
18
|
South Korea
|
6
|
1.0%
|
19
|
Japan
|
7
|
0.4%
|
35
|
Singapore
|
8
|
0.2%
|
47
|
Hong Kong
|
9
|
0.2%
|
52
|
Taiwan
|
10
|
0.1%
|
63
|
Total malware detections
Asia Pacific contributed significantly to the total number of malware infections detected globally. Indonesia, India and the Philippines are in the top 10, ranking fourth, seventh and eighth on the global rankings respectively for the most malware infections.
Emerging markets in Asia Pacific such as Indonesia, India, Philippines, Thailand and Malaysia proved to be more susceptible to malware infections than their counterparts. Malwarebytes says this could be partially be due to the large number of third party app stores utilised by consumers as well as the presence of pirated software within the markets.
The Philippines is a botnet haven
The Philippines is a botnet haven
Botnets
| |||
Country
|
APAC ranking
|
Detection rate
|
Global ranking
|
Philippines
|
1
|
28.73%
|
1
|
Indonesia
|
2
|
7.72%
|
2
|
India
|
3
|
4.59%
|
5
|
Thailand
|
4
|
3.39%
|
7
|
Malaysia
|
5
|
1.41%
|
10
|
Japan
|
6
|
0.32%
|
32
|
South Korea
|
7
|
0.24%
|
41
|
Singapore
|
8
|
0.07%
|
71
|
Hong Kong
|
9
|
0.05%
|
81
|
Taiwan
|
10
|
0.02%
|
115
|
Asia Pacific topped the chart of botnet detections globally, accounting for more than 50% of botnet detections. Emerging markets in the region are responsible for the majority of botnet detections, with developed countries accounting for less than 0.5% of global botnet detections.
· There are three APAC countries among the top five countries for botnet detections globally, with five among the top ten. The countries listed in order from most incidences to least are the Philippines, Indonesia, India and Thailand and Malaysia.
· The Philippines was the top country globally for botnet detections, with nearly four times as many detections as the next-ranked country, Indonesia.
· The five APAC countries ranked in the top 10 accounted for nearly half of botnet detections overall.
Ad fraud, adware and ransomware
Ransomware
| |||
Country
|
APAC Rank
|
Detection rate
|
Global ranking
|
India
|
1
|
1.78%
|
9
|
Philippines
|
2
|
1.06%
|
16
|
Thailand
|
3
|
1.01%
|
18
|
Indonesia
|
4
|
0.98%
|
19
|
South Korea
|
5
|
0.61%
|
24
|
Malaysia
|
6
|
0.53%
|
26
|
Japan
|
7
|
0.29%
|
37
|
Singapore
|
8
|
0.20%
|
48
|
Taiwan
|
9
|
0.16%
|
52
|
Hong Kong
|
10
|
0.12%
|
58
|
Adware
| |||
Country
|
APAC Rank
|
Detection rate
|
Global ranking
|
Indonesia
|
1
|
2.29%
|
10
|
South Korea
|
2
|
2.11%
|
11
|
India
|
3
|
1.76%
|
12
|
Thailand
|
4
|
1.4%
|
15
|
Philippines
|
5
|
0.90%
|
20
|
Malaysia
|
6
|
0.60%
|
26
|
Japan
|
7
|
0.44%
|
30
|
Singapore
|
8
|
0.23%
|
45
|
Taiwan
|
9
|
0.18%
|
55
|
Hong Kong
|
10
|
0.15%
|
62
|
Ad Fraud
| |||
Country
|
APAC Rank
|
Detection rate
|
Global ranking
|
India
|
1
|
0.90%
|
9
|
Indonesia
|
2
|
0.53%
|
15
|
Thailand
|
3
|
0.52%
|
16
|
Philippines
|
4
|
0.49%
|
17
|
Malaysia
|
5
|
0.42%
|
20
|
Japan
|
6
|
0.37%
|
22
|
South Korea
|
7
|
0.18%
|
36
|
Taiwan
|
8
|
0.14%
|
40
|
Singapore
|
9
|
0.11%
|
44
|
Hong Kong
|
10
|
0.07%
|
54
|
The Asia Pacific is relatively untouched by ad fraud, adware and ransomware. No individual Asia Pacific country accounted for more than 2.5% of detections globally in these categories.
Malwarebytes warns that cyber criminals are likely to turn towards developed market in the Asia Pacific after their current targets - developed markets in Europe and the US - begin deploying counter measures more actively.
Mobile malware is getting smarter
Android Malware
| |||
Country
|
APAC ranking
|
Detection rate
|
Global ranking
|
Indonesia
|
1
|
6.54%
|
3
|
India
|
2
|
5.04%
|
4
|
Philippines
|
3
|
4.25%
|
6
|
Malaysia
|
4
|
1.89%
|
12
|
Thailand
|
5
|
1.72%
|
16
|
Japan
|
6
|
0.48%
|
33
|
South Korea
|
7
|
0.36%
|
42
|
Singapore
|
8
|
0.33%
|
43
|
Hong Kong
|
9
|
0.26%
|
50
|
Taiwan
|
10
|
0.10%
|
84
|
There is increased use of randomisation utilised by malware authors to evade detection by mobile security engines, leading to increased malware infection rates amongst Android devices globally.
Android malware is particularly rampant in Indonesia, India, the Philippines and Malaysia.
· Three Asia countries (Indonesia, India and Philippines) made the top 10 for Android malware detections globally, accounting for more than 15% of Android malware detections in total.
· The high prevalence of Android malware detections in these countries can be attributed to the extensive use of relatively unsecured third-party app stores amongst consumers.
Risky online banking
Banking Trojan
| |||
Country
|
APAC Rank
|
Detection rate
|
Global ranking
|
Philippines
|
1
|
15.29%
|
1
|
Thailand
|
2
|
7.48%
|
4
|
Indonesia
|
3
|
1.69%
|
11
|
India
|
4
|
1.03%
|
17
|
Malaysia
|
5
|
0.74%
|
23
|
Japan
|
6
|
0.49%
|
30
|
South Korea
|
7
|
0.27%
|
36
|
Hong Kong
|
8
|
0.16%
|
46
|
Taiwan
|
9
|
0.13%
|
49
|
Singapore
|
10
|
0.08%
|
61
|
The Philippines and Thailand accounted for a disproportionately large number of banking Trojan malware detections. The two countries combined accounted for more than 20% of global banking Trojan detections. The Philippines in particular boasted nearly twice as many detections as the next-ranked country, Thailand.
Malware distribution
Cyber criminals continue to distribute malware through email. Phishing attacks, including malicious attachments, had a big comeback in the second half of 2016. However, Malwarebytes predicts that exploit kits (RIG specifically) are likely to become the standard for malware distribution again in the very near future.
Malicious phishing attacks are here to stay, Malwarebytes says, due to new developments in the download and installation of malware originating from phishing emails, as well as the use of macro scripts in Microsoft Office documents.
Hurmuses said, “Whilst our findings illustrate that in general, Asia is not the top continent for cybercriminal attack, we see that the emerging markets in Asia are generally more vulnerable to malware. However, it is likely that as developed markets in Europe and the US begin to take cyber security more seriously we will see cyber criminals looking for new targets amongst Asia Pacific’s developed economies."
 |
| Dolly describes the cyber security landscape in the region. |
Justin Dolly, EVP, Chief Security Officer and CIO, Malwarebytes said that more people in the Asia Pacific region are vulnerable to cyber threats than ever before. Australian banks are still introducing mobile banking, for instance, he said, and the Android devices which many use are easily attacked and conmpromised.
"A lot of people have shifted to using online banking who haven't traditionally used online banking. A lot of people are doing it from mobile devices," he said. "When they are not familiar with the process it is easy to get people to do things that they don't know they are doing wrong."
Interested?
View the global State of Malware report
Read the TechTrade Asia blog post about Malwarebytes' new regional HQ in Singapore
*Malware is the shortened version of “malicious software" and is the generic or umbrella term to refer to any malicious programs or code that are harmful to systems.Malware that was covered include:
Banking Trojans
A Trojan horse (malicious software which lies dormant until activated) which is used to steal confidential information in online banking systems.
|
Ransomware
A type of malware that blocks users from accessing their files until a ransom is paid. It can be done through locking users’ file and/or the system’s screen.
|
Botnets
A type of malware that infects a number of interconnected devices to perform multiple tasks such as denial-of-service attacks (DDOS), spreading spam, Bitcoin mining, click fraud and stealing personal and financial information. It is under the control of a botnet operator that runs or controls the command and control (C&C) servers which direct the devices.
|
Ad fraud
Also called click fraud or click spam, a practice by bad actors, specifically dubious advertising networks, using automated programs—from simple to sophisticated bots and botnets—to interact with advertisements online. The cost of online advertising usually depends on the number times it is displayed and/or the number of clicks generated. Ad fraud artificially inflates the number of clicks an advertisement gets, so the advertiser has to pay more fees.
|
Adware
Software designed to display or download unwanted advertisements, such as banners, automatically when the program is running. Some users may not even realise the advertisement is being displayed if it is shown in a one pixel by one pixel window.
|
Android malware
Malicious software that infects mobile phones which are run under Android operating systems. The malware can make the system collapse or leak confidential information.
|
*The study examined data from more than 1 billion malware detections/incidences, covered at least 100 million Windows and Android devices over 200 countries, in both corporate and consumer environments from June to November 2016. Data was also obtained from Malwarebytes’ internal honeypots and collection efforts to identify malware distribution, not just infections. The research concentrated on six threat categories: ransomware, ad fraud malware, Android malware, botnets, banking Trojans, and adware.
posted from Bloggeroid
No comments:
Post a Comment