Almost one in four Australians have been attacked by cybercriminals in the past three months, with attacks via web browsers the primary method for spreading malicious programs.
That's according to the latest Kaspersky IT Threat Evolution Report Q1, 2014, which identified sources of malware proliferation on the internet, showed the extent and nature of threats affecting Australian users, as well as threats originating from Australia. In the past three months, the computer security firm detected 1,851,586 internet-borne malware incidents on the computers of Kaspersky Security Network (KSN) participants in Australia. Overall, 22.4 per cent of Australian users were attacked by web-borne threats during this period. Attacks via browsers were the primary method for spreading malicious programs.
The two primary methods used most often by cybercriminals to penetrate Australian systems involved exploiting vulnerabilities in browsers and their plugins (drive-by download), along with social engineering. The company also detected 3,513,576 local malware incidents on the computers of KSN participants in Australia. Overall, 23.6 per cent of Australian users were attacked by local threats during this period. The use of local infection statistics for user computers is an extremely important indicator of how frequently users are attacked by malware spread via removable USB drives, CDs and DVDs, and other "offline" methods. Worms and file viruses account for the majority of such incidents in Australia. When a Kaspersky Lab customer is attacked by an online threat, Kaspersky records the source of the threat — the location of the malicious objects that tried to infect the system. Based on this data, 330,669 malicious incidents caused by malware hosted in Australia were recorded for the first quarter of 2014. A separate Kaspersky Lab service identified spam messages in global e-mail traffic and tracked their source.
This data revealed the share of spam sent via computers and servers puts Australia in the 59th place worldwide as a source of spam.
The report also confirms the company's predictions made in its 2014 threat forecast report. Kasperky forecasts increasing privacy concerns will lead to greater popularity for VPN services and Tor-anonymisers.
The anonymous Tor network, which is built on a network of proxy servers, offers user anonymity and allows participants to host "anonymous" websites on the .onion domain zone.
These websites are then only accessible through Tor. In February, Kaspersky Lab detected the first Android Trojan that was run through command and control and hosted on a domain in the .onion pseudo-zone. Kaspersky experts predicted cybercriminals would continue to develop tools to steal money.
This was confirmed by the detection of Trojan-SMS.AndroidOS.Waller.a in March.
In the past three months, the number of mobile banking Trojans almost doubled from 1321 to 2503. Kaspersky experts also expected considerable growth in the number of attacks targeting Bitcoin users' wallets, Bitcoin pools and stock exchanges.
Among the more newsworthy was the hack of MtGox, one of the biggest bitcoin exchanges.
Sign up for Computerworld eNewsletters.