
Almost one fifth of computers in the world had to face a malware attack at least once
Key findings
The number of malware attacks using exploits has increased: Kaspersky Lab technology blocked over 5 million of these attacks in the monitored period (April - June 2017). A total of 342 million malicious attacks were detected (and stopped), originating from 191 countries of the world (slightly fewer than in the previous period, when there were almost 480 million).
The highest shares of attacked users were in countries such as Algeria (29.15%), Albania (26.57%) and Belarus (25.62%), and the top twenty also includes Ukraine (24.28%), Romania (22.86%) and Greece (22.38%).
Measured by the intensity of malware attacks (fewest attacks in the 2nd quarter of 2017), the safest online environment is enjoyed by users in Cuba (5%), Japan (7.56%), Finland (11.32%), Singapore (11.49%) and Israel (13.81%).
Internet flooded with exploits
An exploit is a type of malware that takes advantage of software errors to infect devices with harmful code, for example a banking Trojan, ransomware or cyberespionage malware. Cyberattacks that use exploits are among the most effective because they do not require interaction with the user. This means that they can infect devices with dangerous code without the user even knowing about it. That is why these tools are very popular among cybercriminals at all levels, whether they target ordinary users or large corporations.
In the second quarter of 2017, the internet was literally flooded with exploits that had leaked to the web from various archives. This massive wave was launched by a group known as Shadow Brokers, which published the so-called Lost in Translation archive containing a set of exploits applicable to various versions of the Windows operating system.
Even though most of these vulnerabilities were not so-called zero-days, and a Microsoft security update that eliminated them was released a month before the leak, their publication had catastrophic consequences. The average number of attacks per day is constantly rising - up to 82% of all known attacks were detected only during the last 3- days of the second quarter.
The damage caused by malware using exploits from the archive, as well as the number of infected users, exceeds anything seen to date - just recall massive attacks like ExPetr and WannaCry. Another example is the vulnerability CVE-2017-0199 in Microsoft Office, which was discovered at the beginning of April. Despite the fact that the patch for this vulnerability was issued in the very same month, the number of attacked users reached 1.5 million. In total, as many as 71% of attacks on those users abused the vulnerability CVE-2017-0199.
“The threat landscape of Q2 provides yet another reminder that a lack of vigilance is one of the most significant cyber dangers. While vendors patch vulnerabilities on a regular basis, many users don’t pay attention to this which results in massive-scale attacks once the vulnerabilities are exposed to the broad cybercriminal community,” notes Alexander Liskin, security expert at Kaspersky Lab.