New research from cyber security firm F-Secure points that India is the No. 1 Host Country of Botnet-related malware in Asia and it is also No. 1 in Sality malware (botnet) contributor in Asia in H2 2014. It is also in the Top 3 contributor of the Ramnit malware (botnet related) globally. It furthermore points to an increase in the amount of malware designed to extort money from unsuspecting mobile phone and PC users. According to the new Threat Report, malware such as premium SMS message sending trojans and ransomware continue to spread, making them a notable presence in today’s digital threat landscape.
Amit Nath, Country Manager, F-secure (India & SAARC) commented that, “Hackers are using various malwares like Botnet, Ramnit and Autorun etc. to hack into various devices to steal data, banking credentials, cookies and other vital information. However in today’s date, Ransomware is the most prominent kind of digital threat and India has become the hub of such malware.”
In line with the recent Europol takedown (February 2015) of the Ramnit botnet infrastructure where 3 million computers were believed to be infected: India was on the top of the list. Ramnit stole banking credentials, cookies and other kinds of personal information from the machines it infected, while it could also open backdoors and steal FTP credentials.
India is also in the Top 3 country of Autorun infection globally. Autorun is a family of worms that spread mostly via infected removables and hard drives, and can perform harmful actions such as stealing data, installing backdoors and so on. Whereas, India performed well in 2014 with one of the lowest contributor of Downadup malware over the years within APAC countries over the last 3 years
259 out of the total 574 known variants of the SmsSend family were identified in the latter half of 2014, making it the fastest growing family of mobile malware. SmsSend generates profits for criminals by infecting Android devices with a Trojan that sends SMS messages to premium-rate numbers. Ransomware also continued to plague mobile users, with the Koler and Slocker families of ransomware identified as the top threats to Android devices.
However the report also pointed towards a positive development in India in terms of malware. It was found that the most detected malware in the 2H of 2014 in the world (37%) has reduced in India over the past 3 years. The report has sited various reasons for the reduced attacks such as:
- Windows XP (EOL) end of life in April of 2014
- More users are moving to new platforms like Windows 8.1 and mobile platforms like Android
India performed well in 2014 by being one of the lowest contributors of Downadup malware over the years within APAC countries.
The full Threat Report is now available on F-Secure’s website, and contains more information on new developments, regional threats, and details regarding the digital threat landscape for the latter half of 2014.
Threat Report H2 2014