Cyber attacks looming large over India: Quick Heal Malware Report
Mumbai, January 3, 2013: The Quick Heal Annual Windows and Mobile Malware Report, 2012, released by Quick Heal Technologies, a leading player in India’s anti-virus segment with about 35% market share, clearly reveals that India is under the grip of cyber attacks. The Quick Heal Research shows rapid increase of almost 90% in Windows malware and a mind-boggling increase of 170% in its modifications. The bad guys are also winning the war in the Mobile platform and have swarmed India. Virus attacks in the Mobile space have also started soaring at a rapid pace with 30% growth registered in 2012 and a phenomenal 80% increase in its modifications. The Mobile device malware has also reached a new stage of evolution, the Quick Heal Report said.
The Quick Heal Report, created by the Research and Development center of Quick Heal Technologies – one of the oldest R&D centers in India — is one of the comprehensive first-hand quantitative researches of its kind centered on India.
The findings from Quick Heal’s Annual Malware Report show that though PC is still the prevalent target for malware authors today, there is an obvious peak in the growth of malware and their modifications on mobile devices, especially on the Android platform. As per the findings, there has been a persistent increase in the number of malware attacks especially on the Google Android platform and Mobile applications have become the easiest way to compromise devices. Over 25 billion apps were downloaded from Google Play in 2012, which make applications easy and profitable attack vehicles. The Quick Heal database also reported an increase of 80% in mobile malware modifications or variations in 2012. According to the Report, social engineering still remains one of the most coveted ways of spreading malware. Cyber criminals continue to use it as a convenient way of exploiting human behavior and platform vulnerabilities.
Commenting on the findings of the research, Sanjay Katkar, Technical Director and CTO, Quick Heal Technologies, said “Windows is still the most attacked Operating System. 2012 saw numerous attacks that were devised for windows vulnerabilities. Cybercriminals have leveraged zero-day exploits even more effectively with new software patterns and business models. The web is still the most conventional way of targeting victims. It is pivotal that our efforts are driven to educate, inform and create awareness among the end users because as people embrace newer platforms and devices there are more and more who end up at the wrong end of attacks”.
On the influx of Mobile malware, Katkar observed that “It is no longer restricted to the global scenario alone but has aggressively penetrated in India as well. This combined with the concerns of lost and stolen devices emphasize the fact that it is about time that Mobile security is taken seriously. People still prefer convenience over security and this is not an issue that is restricted to the victims alone but it now engulfs almost everyone with a Smartphone. Security here implies the right mixture of a robust tool to manage devices and apps and protecting the data, passwords and usernames. At Quick Heal, educating and informing our users is just as important as creating innovative security products that are simple and easy to use”. Katkar informed that the R&D centre of Quick Heal receives about over 165000 and 5000 malware samples in the Windows and Mobile platforms respectively on a daily basis.
According to the key findings of Quick Heal Windows Malware Report, there has been a 90% growth in Windows malware in 2012 as compared to 2011 and malware attacks are more sophisticated and often combine exceptional technical dexterity. The Report said that the attacks are financially motivated and targeted at newer victims who land up on the wrong side of payment extractions. It said Trojans and backdoors comprised the vast majority of malware at 68 percent and 13 percent respectively, while virus and worms and comprised 14 percent of samples received and adware took up 5 percent. The malware modification samples saw an astounding jump of 170% in 2012. This implies that cybercriminals were focused on weak spots and developed techniques that exploit and use it till it becomes ineffective and move on to newer exploits. New vulnerabilities assaulted Java browser plug-ins in all leading browsers. Socially engineered emails and poisoned web pages were disguised in the form of fake-antivirus software that froze PCs asking for money to register and remove the virus threat, the Quick Heal Report pointed out.
On the Mobile platform, the Quick Heal Report said, the malware attacks are financially motivated. What is particularly disturbing is that most of the malware families are being designed to steal money from the victim. The Report reveals that Trojans and SMS Trojans comprised the vast majority of Mobile malware attacking the mobile devices at 21 percent and 38 percent respectively. While Rooters and adware comprised 14.26 percent and 14.12 percent of the pie.
The malware modification samples in Mobile platform saw a jump of almost 80% in the year 2012. This implies that new types of attacks are being designed and implemented and most of them are targeted to steal money and valuable identity information that could later be sold to aggressive advertising networks or some remote servers and in some cases the malware intelligently uses obfuscation. The most common attack vehicles are fake applications. Exploits like the Android.BoxerSms disguise themselves as popular apps like Opera Browser, Angry Birds etc. In addition to the rising threat of malware, consumers and enterprises remain susceptible to lost or stolen devices.
The top Android malware circulating in the Indian Mobile device threat scenario as received by Quick Heal R&D center are Android.BoxerSms, Android.GingerMaster, Android.Airpush(Adware), Android. Kungfu, Android. Leadbolt(Adware), Android.Kmin, Android.BaseBridge, Android.GoldDream, Android.Ksappand Android.Plankton(Adware)
On the Windows platform, the Quick Heal Report mentions that piracy is big problem in India and is also a prominent carrier of malware. The CD and other web media like pirated software or movies that are downloaded are accompanied with malware threats. Malware authors still find the Windows platform to be more profitable to exploit. Polymorphic attacks are now evolving into web-distributed malware often hosted on servers that cybercriminals use to create dynamic malware. The report essentially highlights the urgency of protecting data everywhere and taking up more proactive approaches to vulnerabilities, applications, websites and spam.
The top Windows malware circulating in the Indian threat scenario as received by the Research and Development center are W32.Sality.U, W32.Virut.G, Trojan.Starter.yy4, 32.Autorun.Gen, TDSS/Alureon, W32.Ramnit.A, Worm.VB.HA, Rogue.FakeCog.gy and 32.Xpaj.C.
The findings of Quick Heal’s Windows Malware report show an unabated growth in malicious and privacy-compromising vulnerabilities that are rapidly evolving and require a more integrated approach towards stopping the breaches. The Report said that the attacks are no longer restricted to one particular platform highlighting the necessity of complete security that protects users everywhere and whatever device they are using. Enhancement in safe guard technologies like Brower sandboxing, Machine learning technology (that already comes integrated in Quick Heal 2013 version) is also essential.
The Report states that awareness is crucial as risky behavior of the users still remains a major concern for security breaches. Efforts must focus on educating and empowering end users.
In case of the Mobile platform, the findings of the Report show a consistent growth in malicious and privacy-compromising applications as cybercriminals use social engineering, toll fraud and other ways to convert infected devices into cash minting machines. The rapid increase in malware is aggravated by the often inadequate OS patching by mobile device manufacturers and carriers.
The Quick Heal Report observes that Mobile device browsers still have a long way to go as far as balancing usability and security is concerned. This makes mobile users about thrice as vulnerable as desktop browser users to phishing expeditions.