Perhaps this operation will make its way into the next Mission Impossible flick. Cybersecurity researchers and law enforcement authorities in 30 countries kicked off December by bringing down one of the largest botnet infrastructures in the world. This massive joint operation, dubbed Avalanche, resulted in 800,000 domains blocked, 39 servers seized and another 221 put offline. The botnet infected as many as 500,000 computers daily, which were then used to launch global malware attacks. Motherboard adds that the infrastructure was active for the past seven years, and victims included more than 40 major financial institutions, while losses amounted to “hundreds of millions of dollars”. Researchers also found 20 different malware families on the servers, with names that would make budding rock bands proud — Marcher, Dridex, Matsnu, Pandabanker, Cerber, Teslacrypt…
But if none of these names work for your upcoming band, you could procure a longer — much longer — list from Kaspersky Lab. The company sent us a press release today, announcing that its cloud malware database has crossed a billion inhabitants. Yes, a billion! These malicious objects include viruses, Trojans, backdoors, ransomware, advertisement applications and their components. And in case you are wondering how the researchers at Kaspersky Lab managed to grab so many of these unsavoury types, well, they had help from Astraea — this machine-learning-based malware analysis system discovered and identified a fifth of that billion.
As the company points out, the number of cyberthreats appearing every day is now so big that it is impossible to process each one of them manually. And to give you a sense of the massive scale we are looking at, Kaspersky Lab reveals that the number of new malicious files discovered has increased from 70,000 files a day in 2011 to 323,000 a day in 2016. The grunt work is increasingly being done by Astraea — the percentage of malware discovered by it has grown from 7.53 per cent in 2012 to 40.5 per cent in December 2016.
Vyacheslav Zakorzhevsky, Head of Anti-Malware Team at Kaspersky Lab, points out that “one billion unique malicious files is a remarkable milestone.” “It shows the scale of the cybercriminal underground, which has developed from several small forums offering customised malicious tools, to the mass production of malware and tailored cybercriminal services,” he says.
Similarly, Symantec’s 2016 Internet Security Threat Report (PDF file) reveals that the company discovered more than 430 million new unique pieces of malware in 2015, up 36 per cent from the year before. The report adds, “Attacks against businesses and nations hit the headlines with such regularity that we’ve become numb to the sheer volume and acceleration of cyberthreats.” And as the internet of things enters your kitchen, bathroom and even your shoes and socks, expect that number to explode further. Warns the Symantec report, “If the internet of things is to deliver the promised $2 trillion economic benefit, designers and manufacturers have to address fundamental security challenges. The prospects, however, are not good.”
Q3 2016 figures from Kaspersky Security Network (KSN)
- Kaspersky Lab solutions detected and repelled 171,802,109 malicious attacks from online resources located in 190 countries all over the world.
- 45,169,524 unique URLs were recognized as malicious by web antivirus components.
- Kaspersky Lab’s web antivirus detected 12,657,673 unique malicious objects: scripts, exploits, executable files, etc.
- Attempted infections by malware that aims to steal money via online access to bank accounts were registered on 1,198,264 user computers.
- Crypto ransomware attacks were blocked on 821,865 computers of unique users.
- Kaspersky Lab’s file antivirus detected a total of 116,469,744 unique malicious and potentially unwanted objects.
- Kaspersky Lab mobile security products detected:
  - 1,520,931 malicious installation packages;
  - 30,167 mobile banker Trojans (installation packages);
  - 37,150 mobile ransomware Trojans (installation packages).