More than half (51%) of the Web-borne attacks blocked by Kaspersky Lab’s products in the second quarter of 2015 were launched from malicious Web resources in Russia, according to the company’s Q2 cyber-threats report.
Next on the list came the US, the Netherlands, Germany, France, Virgin Islands, Ukraine, Singapore, the UK and China.
During the quarter, 291 800 new mobile malware threat emerged, which is 2,8 times greater than in Q1. There were 1-million mobile malware installation packages in Q2, which is seven times greater than in Q1.
Mobile banking has remained a main target for mobile threats. Kaspersky Lab’s Q1 2015 report mentioned Trojan-SMS.AndroidOS.OpFake.cc which was capable of attacking no less than 29 banking and financial applications.
The Trojan’s latest version that emerged in Q2 is capable of attacking 114 (four times more) banking and financial applications. Its main goal is to steal the user’s login credentials with which to attack, among others, several popular e-mail applications.
There were 5,9-million notifications about attempted malware infections to steal money via online access to bank accounts, which is 800 000 fewer than in Q1.
During the second quarter, Singapore became the leader in the number of Kaspersky Lab users who came under
Web-borne attacks by banking Trojans – 5,3% of all Kaspersky Lab users in Singapore faced this threat over this time period. Next came Switzerland with 4,2%, Brazil (4%), Australia (4%) and Hong Kong (3,7%).
Most countries in the top 10 are technologically advanced and/or have a developed banking system, which attracts the cybercriminals’ attention.
Financial threats are not limited to banking malware programs which attack the clients of online banking systems. Apart from banking malware (83%), financial threats are posed by Bitcoin miners (9%) – these are malware programs that use the victim’s computer’s computational resources to generate bitcoins, as well as bitcoin wallet stealers (6%) and keyloggers (2%).
In Q2, Kaspersky Lab’s Global Research and Analysis Team disclosed four cyberespionage campaigns: CozyDuke, Naikon, Hellsing and Duqu 2.0. The victim toll includes government agencies, commercial companies and other high-level targets.
The second quarter has also demonstrated the cybercriminals’ interest in SMEs, which were targeted by the cyberespionage campaign Grabit. Cybercriminals focused on such economic sectors as chemical industry, nanotechnologies, education, agriculture, mass media and construction.
“In Q2 we launched an important initiative called Securing Smart Cities, which aims to help those responsible for developing smart cities to do so without forgetting about cybersecurity. If security measures are not planned at the development stage, that could have serious implications later, and retro-fitting security might not be a straightforward task,” comments Alexander Gostev, chief security expert at Kaspersky Lab’s Global Research and Analysis Team.
According to KSN data, Kaspersky Lab solutions detected and repelled a total of 379,9-million malicious attacks from online resources located all over the world – this is 19% lower than in Q1.
During the three month period, an average of 23,9% of Internet users’ computers across the world came under a Web-borne attack at least once. This is 2,4 percentage points lower than in Q1.
Meanwhile, 26-million unique malicious objects were detected, which is 8,4% lower than in Q1. The script AdWare.JS.Agent.bg was the most widespread of them, injected by adware programmes into arbitrary Web pages.