Reading the Malware Trend Report, Q2 2014 issued by RedSocks

RedSocks Malware Research Labs issued the Malware Trend Report Q2 2014, which contains data evolution of principal cyber threats observed in the second quarter of the year.

The Dutch company specializing in Malware detection RedSocks Research Lab. Has published the second quarterly trend report for 2014. The experts have analyzed large numbers of malicious files on a daily basis, to extract key information useful for the identification of Internet-based threats.

The company has processed 7.1 million new and unique malicious files in April, 6.8 million in May and 7.2 million in June.

Very interesting the data related to detection rate by Anti-Virus software In the same period, there was no meaningful changes respect the previous quarter, the detection rate for the months of the second quarter are:

• April 75.72 percent
• May 74.61 percent
• June 79.76 percent

The data indicate that on average 23 percent of malicious files goes undetected, it is considerable a worrying data that highlight the necessity of a new approach to mitigate cyber threats.

Despite identification rates can change based on samples chosen and time scanned, the experts have noticed a slight improvement for overall detection compared with the previous quarter.

The experts have analyzed the malware trends with specific attention to the following families of cyber threats:

Adware – Experts identified around three million files as Adware, its number dropped from 1.2 million in April to 0.9 million in June.

Backdoor and Botnets – Also in this category of threat the expert noticed a decrease.

Exploits – Only 0,04 percent of files was detected as Exploit in April and 0,02 percent in June, they are essential components in attacks that take advantage of a particular vulnerability in the targeted system. No changes were noticed in the usage of exploit respect previous quarter.

Rootkits – Malware researchers detected only one rootkit worth mentioning during the second quarter, the “Rootkit.13610”, In the first quarter they saw a slight drop in rootkits that continued in the second quarter.

Trojans – In April and May the expert detected up for 2.9 million on malicious file, in June the number is passed up to 3.4 million unique files.

“Trojans are by far the biggest category of Malware. With more than 9.1 million new unique samples in the second quarter of this year, they amounted to 43 percent of the total.”

Worms – It is the second most popular category of malware, the number of worm files is passed from 554,000 in to 394,000 in June.

The experts grouped all the other threats in a category dubbed “Others” which includes Flooders, HackTools, Spoofers, Spyware, Viruses. The malicious files belonging to this category accounted for 31, 35, and 34 percent of the total for April, May, and June,respectively.

The report also provides an interesting analysis of Geolocation of cyber threats, most C&C servers were hosted in the US, followed by the Russian Federation.

“The Netherlands was the biggest riser in countries hosting C&C servers going from 8^th place in March and April, to 6th place in May, and finishing on 5th place in June.” States the report.

For further details, give a look to the report.

Pierluigi Paganini

(Security Affairs – RedSocks, malware)