Kuala Lumpur (30 September 2013) – The prevalence of pirated versions of Windows XP and of legacy systems that prevent operating system (OS) upgrades has led to a continued rise in threats from the computer worm WORM:WIN32/Downadup affecting old platforms, especially unpatched Windows XP systems. According to F-Secure’s latest Threat Report H1 2013, which was published recently, more than 20,000 attacks related to the Downadup worm were detected in Malaysia between January and September 2013.
The report also found that mobile malware is becoming increasingly widespread among Malaysian mobile users, owing to the growing popularity of Android platforms. The number of Android malware has doubled each year since 2011, and about 77% of the new mobile malware is profit-motivated.
The continued increase of threats from WORM:WIN32/Downadup, also known as Conficker, in Malaysia points to two possibilities, according to F-Secure Malaysia Security Advisor, Goh Su Sim.
“This five-year-old virus, which spreads through the Windows system, is still prevalent today and affects older platforms, especially Windows XP systems that are unpatched,” said Goh. “This means two things: One, pirated versions of Windows XP are widely available in Malaysia. Of course, when you use non-original versions, you most likely cannot connect to the latest updates to update your system and this can result in your system being vulnerable to attacks. Two, there are a lot of legacy applications running, for example in banks, which prevent OS upgrades.” He added that the top 10 most infected cities in Malaysia are Kajang, Kuala Lumpur and Batu Caves.
While the worm is known to wreak havoc on the OS, Goh stressed that the solution is relatively simple: patch systems to avoid potential disasters.
“Microsoft issued a patch for the threat in 2008 when they detected the vulnerability in their software. Unfortunately, a lot of IT administrators and personnel here are not doing enough patching to keep their servers or systems up to date. Hackers are quick to take advantage of these loopholes. It’s like having a door with a lock that doesn’t work, and you know it’s not been working for the past five years, but you haven’t done anything to fix it.”
In addition to applying patches, another recommendation, according to Goh, is to minimize the attack surface. For example, because of the high vulnerability of Java plug-ins, users are advised to disable or uninstall Java if they do not use it, as not all programs require Java to run.
Growing Threat: Mobile Malware
Hackers are starting to turn their focus to mobile devices as there is now money to be made hacking smartphones as well. According to F-Secure’s Threat Report, the number of Android malware has been doubling year on year since 2011, and doubled further in H1 2013 from the previous year.
“This reflects the speed at which people have started adopting Android platforms and in tandem, how fast viruses are being written for them. It’s not so much about which platform is safer, rather, because more than 70% of the market is now made up of Android users, hackers tend to focus on the larger share of the pie,” explained Goh.
358 new families and variants of Android malware were discovered by F-Secure Labs in H1 2013, nearly doubling the total number of malware the Labs has ever discovered, to 793. Symbian followed with 16 new families and variants discovered, while no new families or variants were discovered on other mobile platforms.
Goh added that most, about 77%, of the new malware for smartphones has been found to be profit-motivated. “Malaysian mobile users are hit by potentially unwanted applications such as adware and money-stealing viruses known as premium SMS malware. Your smartphone today contains more information than your PC – it knows your lifestyle and habits, and marketing companies love this information. There are viruses that track all your information and sell it to marketing companies,” he said.
APT Threats and Mac Malware
Mac OS platforms are no longer strangers to malware. In the first six months of 2013, there have been 33 new families or variants of malware detected on Mac OS platforms. This is largely due to the growing popularity of Mac OS in the market and also the over-confidence of users that Macs are immune to viruses. About 57.6% of Mac malware are Backdoors, while 36.4% are Trojans.
APT threats have also become a major talked-about threat to the data security of organisations and industries, and F-Secure Labs has now constructed a rough overall picture of the kind of victims APT attackers are targeting. For details on that study plus the latest in Mac malware, phishing, and more, refer to the complete Threat Report H1 2013.