Story image

The Philippines & Indonesia are now hotspots for computer worms

25 Jul 17

Amongst political turmoil, Indonesia and the Philippines are now one of the world’s major hotspots for malware infection rates, according to Comodo Threat Research Labs Q2 2017 report.

The report says that the two countries, alongside Russia, were the top locations for worm infections.

The Phillippines felt the brunt of the Brontok Worm, and Comodo says in Q2 worms are now the #2 malware threat based on its total number of detections.

The company says that worms spread worldwide and go after easy targets. They mostly take advantage of older, unpatched and unlicensed software.

Worms tend to do better in countries where the political or economic shape, so worms ‘are an indicator of other types of non-cyber compromise’, the company says.

“Given the nature of worms, what this means is that many networks in these countries do not have nearly enough licensed, patched and professionally managed hardware and software. Part of this problem, of course, is non-cyber and may take years to rectify,” the report says.

Trojans dominate the threat landscape in Australia, Japan and Korea. Upatre was the most common Trojan detection for Q2. Microsoft labelled the Windows-based Trojan as ‘severe’. The Trojan is often attached to spam from the Cutwail botnet and will then try to download Zbot or password-stealing malware Win32/Dyzap.

Viruses were the third most common malware detection type. While not quite as many variations of viruses as were worms, viruses still infected more computers.

The most common virus was Ramnit, which Microsoft says is a ‘severe’ threat to Windows systems. The main Asia-based detection locations included Indonesia, the Philippines and China.

It spreads via executable files such as .exe or .dll files, or removable drives. The virus aims to steal sensitive data, disable security software and make changes to Windows registry settings.

The report says that other viruses such as Sality mainly infected Thailand, and other viruses such as Parite targeted individual countries – in this case, Portugal.

Backdoors were the fourth most common infection type. While it has a smaller family size, Comodo says it is a highly complex malware type. DarkKomet remains dominant, however Rbot was spotted infecting Singapore.

The report also says that attackers are looking towards online services and IT providers because attacks there will have ripple effects elsewhere.

“By compromising the software that is used by millions of users around the world, attackers can increase the number and variety of victims to a virtually unlimited number. Today, nearly all financial transactions are accomplished via digital means and even critical infrastructures are managed remotely by information technology,” the report concludes.

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Don’t let your network outgrow your IT team
"IT professionals spend less than half of their time at work optimising their networks and beefing it up against future security threats."
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.