Categories: Cyber CrimeMalware

Reading the Malware Trend Report, Q2 2014 issued by RedSocks

RedSocks Malware Research Labs issued the Malware Trend Report Q2 2014, which contains data evolution of principal cyber threats observed in the second quarter of the year.

The Dutch company specializing in Malware detection RedSocks Research Lab. Has published the second quarterly trend report for 2014. The experts have analyzed large numbers of malicious files on a daily basis, to extract key information useful for the identification of Internet-based threats.

The company has processed 7.1 million new and unique malicious files in April, 6.8 million in May and 7.2 million in June.

RedSocks new malicious files q2 2014RedSocks new malicious files q2 2014

Very interesting the data related to detection rate by Anti-Virus software In the same period, there was no meaningful changes respect the previous quarter, the detection rate for the months of the second quarter are:

  • April 75.72 percent
  • May 74.61 percent
  • June 79.76 percent

The data indicate that on average 23 percent of malicious files goes undetected, it is considerable a worrying data that highlight the necessity of a new approach to mitigate cyber threats.

Despite identification rates can change based on samples chosen and time scanned, the experts have noticed a slight improvement for overall detection compared with the previous quarter.

The experts have analyzed the malware trends with specific attention to the following families of cyber threats:

Adware – Experts identified around three million files as Adware, its number dropped from 1.2 million in April to 0.9 million in June.

Backdoor and Botnets – Also in this category of threat the expert noticed a decrease.

Exploits – Only 0,04 percent of files was detected as Exploit in April and 0,02 percent in June, they are essential components in attacks that take advantage of a particular vulnerability in the targeted system. No changes were noticed in the usage of exploit respect previous quarter.

RootkitsMalware researchers detected only one rootkit worth mentioning during the second quarter, the “Rootkit.13610”, In the first quarter they saw a slight drop in rootkits that continued in the second quarter.

Trojans – In April and May the expert detected up for 2.9 million on malicious file, in June the number is passed up to 3.4 million unique files.

“Trojans are by far the biggest category of Malware. With more than 9.1 million new unique samples in the second quarter of this year, they amounted to 43 percent of the total.”

Worms – It is the second most popular category of malware, the number of worm files is passed from 554,000 in to 394,000 in June.

The experts grouped all the other threats in a category dubbed “Others” which includes Flooders, HackTools, Spoofers, Spyware, Viruses. The malicious files belonging to this category accounted for 31, 35, and 34 percent of the total for April, May, and June,respectively.

The report also provides an interesting analysis of Geolocation of cyber threats, most C&C servers were hosted in the US, followed by the Russian Federation.

“The Netherlands was the biggest riser in countries hosting C&C servers going from 8th place in March and April, to 6th place in May, and finishing on 5th place in June.” States the report.

For further details, give a look to the report.

Pierluigi Paganini

(Security Affairs – RedSocks, malware)  

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Meta stopped covert operations from Iran, China, and Romania spreading propaganda

Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…

14 hours ago

US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator

The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…

23 hours ago

ConnectWise suffered a cyberattack carried out by a sophisticated nation state actor<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its…

1 day ago

Victoria’s Secret ‘s website offline following a cyberattack

Victoria’s Secret took its website offline after a cyberattack, with experts warning of rising threats…

2 days ago

China-linked APT41 used Google Calendar as C2 to control its TOUGHPROGRESS malware

Google says China-linked group APT41 controlled malware via Google Calendar to target governments through a…

2 days ago

New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.

GreyNoise researchers warn of a new AyySSHush botnet compromised over 9,000 ASUS routers, adding a…

2 days ago