According to the recently-released Kindsight Security Labs Malware Report for Q3 2012 [PDF file], 13 percent of home networks in North America were infected in the third quarter of 2012 (that's a slight decrease from 14 percent in Q2), and 6.5 percent were infected with high-level threats such as bots, rootkits and banking Trojans.
"Some 2.2 million home networks worldwide are infected with malware controlled by the ZeroAccess botnet, the report estimated," writes PCWorld's John P. Mello Jr.
"The ZeroAccess botnet has grown significantly to become the most active botnet we’ve measured this year," Kevin McNamee, Kindsight Security Labs' security architect and director, said in a statement. "Cybercriminals are primarily using it to take over victim computers and conduct ad-click fraud. With ZeroAccess, they can mimic the human behavior of clicking online ads, resulting in millions of dollars of fraud."
"Due to the sophisticated behavior of ZeroAccess, infections could be costing advertisers $900,000 per day," writes ZDNet's Charlie Osborne. "Kindsight asked an Internet advertising expert to have a look at the network traffic generated through a 24 hour ZeroAccess behavior analysis, and the expert suggested that 18 out of 140 clicks would likely have resulted in the advertiser paying for the click."
"The TDL-4 botnet was the second most active botnet in Q3," writes Dark Reading's Kelly Jackson Higgins. "The rootkit-based bot is relatively stealthy, hiding within the master boot record of the infected machine and eluding antivirus applications. TDL-4 is known for deleting competing malware from the machines it infects, and its newest iteration has infected nearly 10 percent of the Fortune 500."
"Kindsight’s numbers come from sensors placed on customer ISP networks," writes Threatpost's Michael Mimoso. "The sensors look at network traffic for signs of malware infections and either alert the ISP or can, on a per-subscription basis, alert the ISP’s customer of a problem."