Malwarebytes Releases Asia Pacific State of Malware Report
Asia Pacific a Hotbed for Android Malware, Botnets and Banking Trojans
SINGAPORE – March 27,
2017 – Malwarebytes™, the leading advanced malware prevention and remediation
solution, today in conjunction with the launch of their regional headquarters
in Singapore, announced the release of the inaugural Asia
Pacific State of Malware Report 2017. The report examines the top malware
threats present in the region for 2016. The findings illustrate a significant
shift in cybercriminal attack and malware methodology from previous
years.
The study reveals that ransomware,
ad fraud and botnets have risen to prominence in the current threat landscape.
Particularly in Asia Pacific, botnets reigned supreme with the region
accounting for more than 50% of botnet incidences globally. Furthermore, Android
malware was also present in significant numbers in the region, with the top
three countries accounting for 15% of detections globally. Banking
Trojans were also rampant – the region comprised more than a quarter (27%) of
detections across the globe.
The study examined data from more
than one billion malware detections/incidences, covered more than 100 million
devices over 200 countries, in both corporate and consumer environments. Data
was also obtained from Malwarebytes’ internal honeypots and collection efforts
to identify malware distribution, not just infections.
Malware covered includes:
· Banking Trojans
A malicious program, a form of Trojan horse, that is used to steal confidential information in online banking systems.
· Ransomware
A type of malware that blocks users from accessing their system until a ransom is paid. It can do so by locking users’ files and/or the system’s screen.
· Botnets
A type of malware that infects a number of interconnected devices to perform multiple tasks such as denial-of-service attacks (DDoS), spreading spam, bitcoin mining, click fraud and stealing personal and financial information. It is under the control of a botnet operator that runs or controls the C&C (command and control) server(s).
· Ad fraud
Also called click fraud or click spam, this is a practice by bad actors, specifically dubious advertising networks, wherein they deliberately use automated programs—from simple to sophisticated bots and botnets—to interact with advertisements online.
· Adware
Software designed to display or download unwanted advertisements, such as banners, automatically when the program is running.
· Android malware
Malicious software that infects mobile phones running the Android operating system, by making the system collapse or leaking confidential information.
Jeff Hurmuses, Area Vice President
and Managing Director, Asia Pacific, Malwarebytes said, “To protect users in
Asia Pacific from cyber criminals, we must possess an intimate understanding of
their methodologies and tactics.”
He added, “In Asia Pacific, we are
seeing that botnets are particularly rampant. A particularly sneaky malware –
botnets can remain undetected for long periods of time and expose users to
other malware threats and infections. As individuals and businesses become more
reliant on computing in their professional and daily life, it is imperative
they remain aware of new cyber attack methodologies and how they can impact
them.”
Total Malware Detections
Asia Pacific
contributed significantly to the total number of malware infections detected
globally, with 3 countries amongst the top 10 countries with most malware
infections globally. This includes Indonesia, India and the Philippines, which
ranked fourth, seventh and eighth on the global rankings respectively.
Emerging markets
in Asia Pacific such as Indonesia, India, Philippines, Thailand and Malaysia
proved to be more susceptible to malware infections than their counterparts.
Whilst there are several factors that could be responsible for this
distribution, this finding may also partially be due to the large number of
third party app stores utilized by consumers as well as the presence of pirated
software within the markets.
Asia Pacific is relatively safe from Ad Fraud, Adware and Ransomware
The Asia Pacific is relatively
untouched by ad fraud, adware and ransomware, with no individual Asia Pacific
country accounting for more than 2.5% of detections globally in these
categories.
However, we have noticed that cyber
criminals are extensively targeting developed markets in Europe and the US with
ransomware, ad fraud and adware. As these types of malware provide a source of direct
profit, these cybercriminals are likely to turn their attention towards
developed markets in the Asia Pacific once Europe and the US begin deploying
countermeasures more actively.
The Philippines is a Botnet Haven
Asia Pacific
topped the chart of botnet detections globally, accounting for more than 50% of
botnet detections. Emerging markets in the region were responsible for the majority
of botnet detections, with developed countries accounting for less than 0.5% of
global botnet detections.
· There are three APAC countries among the top five
countries for botnet detections globally, with five among the top ten. The
countries listed in order from most incidences to least are the Philippines,
Indonesia, India, Thailand and Malaysia.
· The
Philippines was the top country globally for botnet detections, with nearly 4
times as many detections as the second ranked country, Indonesia.
· The
five APAC countries ranked in the top 10 accounted for nearly half of botnet
detections overall.
Mobile malware is getting smarter
In our research,
we have observed increased use of randomization by malware authors to
evade detection by mobile security engines, leading to increased malware
infection rates amongst Android devices globally.
Android malware is
particularly rampant in Indonesia, India, the Philippines and Malaysia.
· Three
Asian countries (Indonesia, India and the Philippines) made the top 10 for Android
malware detections globally, accounting for more than 15% of Android malware
detections in total.
· The
high prevalence of Android malware detections in these countries can be
attributed to the extensive use of relatively unsecured third-party app stores
amongst consumers.
Risky online banking
The Philippines
and Thailand accounted for a disproportionately large amount of banking Trojan
malware detections. The two countries combined accounted for more than 20% of
global banking Trojan detections. The Philippines in particular boasted nearly
twice as many detections as the second ranked country, Thailand.
Malware distribution
In examining
malware distribution over the years, we have observed only one stable truth of
malware development: distribution through email. Phishing attacks, including
malicious attachments, had a big comeback in the second half of 2016. However,
we predict that exploit kits (RIG specifically) are likely to become the
standard for malware distribution again in the very near future.
We will not see
malicious phishing attacks disappear. Due to the new developments in the
download and installation of malware originating from phishing emails, as well
as the use of macro scripts in Microsoft Office documents, this method of
attack will continue at steady levels throughout the rest of the year, likely
with increased sophistication.
Hurmuses said, “Whilst our findings
illustrate that in general, Asia is not the top continent for cybercriminal
attack, we see that the emerging markets in Asia are generally more vulnerable
to malware. However, it is likely that as developed markets in Europe and the
US begin to take cyber security more seriously we will see cyber criminals
looking for new targets amongst Asia Pacific’s developed economies. As
now we have a footprint in Asia, we are excited to be able to go faster and
further in supporting all consumers and businesses in the region, helping them
better protect their online activities. At Malwarebytes, we believe strongly
that everyone deserves a malware free existence.”
1 Please see appendix for full figures
About The State of Malware Report
To view the full global State of Malware report
for more detailed findings and analysis, visit www.malwarebytes.com/pdf/white-papers/stateofmalware/?ref=pr_mwb.
Malwarebytes continues
to research and innovate solutions against the evolving threats faced by all,
whether the computer use is at home or at work. Another recent Malwarebytes
research report on ransomware documented late-2016 trends on this threat from
more than 200 countries. These reports and analyses from Malwarebytes’ global
telemetry feeds aid the company in developing solutions like Malwarebytes 3.0, a first of its kind. Employing
four independent technology modules—anti-malware, anti-ransomware, anti-exploit
and malicious website protection—Malwarebytes blocks and removes both known
and unknown threats across the globe.
Appendix
Study Methodology
Examined data using:
· Almost one billion malware detections/incidences
· The June to November 2016 time period only
· Nearly 100 million Windows and Android devices
· Over 200 countries
· From both the corporate and consumer environments
· Concentrating on six threat categories: Ransomware, ad fraud malware, Android malware, botnets, banking Trojans, and adware
· Malwarebytes’ internal honeypots and collection efforts to identify malware distribution, and not only infection
Study Findings
Table 1: Total Malware

| Country | APAC ranking | Detection rate | Global ranking |
|---|---|---|---|
| Indonesia | 1 | 3.8% | 4 |
| India | 2 | 2.9% | 7 |
| Philippines | 3 | 2.8% | 8 |
| Thailand | 4 | 1.5% | 14 |
| Malaysia | 5 | 1.1% | 18 |
| South Korea | 6 | 1.0% | 19 |
| Japan | 7 | 0.4% | 35 |
| Singapore | 8 | 0.2% | 47 |
| Hong Kong | 9 | 0.2% | 52 |
| Taiwan | 10 | 0.1% | 63 |

Table 2: Botnets

| Country | APAC ranking | Detection rate | Global ranking |
|---|---|---|---|
| Philippines | 1 | 28.73% | 1 |
| Indonesia | 2 | 7.72% | 2 |
| India | 3 | 4.59% | 5 |
| Thailand | 4 | 3.39% | 7 |
| Malaysia | 5 | 1.41% | 10 |
| Japan | 6 | 0.32% | 32 |
| South Korea | 7 | 0.24% | 41 |
| Singapore | 8 | 0.07% | 71 |
| Hong Kong | 9 | 0.05% | 81 |
| Taiwan | 10 | 0.02% | 115 |

Table 3: Android Malware

| Country | APAC ranking | Detection rate | Global ranking |
|---|---|---|---|
| Indonesia | 1 | 6.54% | 3 |
| India | 2 | 5.04% | 4 |
| Philippines | 3 | 4.25% | 6 |
| Malaysia | 4 | 1.89% | 12 |
| Thailand | 5 | 1.72% | 16 |
| Japan | 6 | 0.48% | 33 |
| South Korea | 7 | 0.36% | 42 |
| Singapore | 8 | 0.33% | 43 |
| Hong Kong | 9 | 0.26% | 50 |
| Taiwan | 10 | 0.10% | 84 |

Table 4: Banking Trojan

| Country | APAC Rank | Detection rate | Global ranking |
|---|---|---|---|
| Philippines | 1 | 15.29% | 1 |
| Thailand | 2 | 7.48% | 4 |
| Indonesia | 3 | 1.69% | 11 |
| India | 4 | 1.03% | 17 |
| Malaysia | 5 | 0.74% | 23 |
| Japan | 6 | 0.49% | 30 |
| South Korea | 7 | 0.27% | 36 |
| Hong Kong | 8 | 0.16% | 46 |
| Taiwan | 9 | 0.13% | 49 |
| Singapore | 10 | 0.08% | 61 |

Table 5: Ransomware

| Country | APAC Rank | Detection rate | Global ranking |
|---|---|---|---|
| India | 1 | 1.78% | 9 |
| Philippines | 2 | 1.06% | 16 |
| Thailand | 3 | 1.01% | 18 |
| Indonesia | 4 | 0.98% | 19 |
| South Korea | 5 | 0.61% | 24 |
| Malaysia | 6 | 0.53% | 26 |
| Japan | 7 | 0.29% | 37 |
| Singapore | 8 | 0.20% | 48 |
| Taiwan | 9 | 0.16% | 52 |
| Hong Kong | 10 | 0.12% | 58 |

Table 6: Adware

| Country | APAC Rank | Detection rate | Global ranking |
|---|---|---|---|
| Indonesia | 1 | 2.29% | 10 |
| South Korea | 2 | 2.11% | 11 |
| India | 3 | 1.76% | 12 |
| Thailand | 4 | 1.4% | 15 |
| Philippines | 5 | 0.90% | 20 |
| Malaysia | 6 | 0.60% | 26 |
| Japan | 7 | 0.44% | 30 |
| Singapore | 8 | 0.23% | 45 |
| Taiwan | 9 | 0.18% | 55 |
| Hong Kong | 10 | 0.15% | 62 |

Table 7: Ad Fraud

| Country | APAC Rank | Detection rate | Global ranking |
|---|---|---|---|
| India | 1 | 0.90% | 9 |
| Indonesia | 2 | 0.53% | 15 |
| Thailand | 3 | 0.52% | 16 |
| Philippines | 4 | 0.49% | 17 |
| Malaysia | 5 | 0.42% | 20 |
| Japan | 6 | 0.37% | 22 |
| South Korea | 7 | 0.18% | 36 |
| Taiwan | 8 | 0.14% | 40 |
| Singapore | 9 | 0.11% | 44 |
| Hong Kong | 10 | 0.07% | 54 |

Definition of Malware
The shortened
version of “malicious software.” Malware is the generic or umbrella term to
refer to any malicious programs or code that are harmful to
systems.
· Banking Trojans
A malicious program, a form of Trojan horse, that is used to steal confidential information in online banking systems.
· Ransomware
A type of malware that blocks users from accessing their system until a ransom is paid. It can do so by locking users’ files and/or the system’s screen.
· Botnets
A type of malware that infects a number of interconnected devices to perform multiple tasks such as denial-of-service attacks (DDoS), spreading spam, bitcoin mining, click fraud and stealing personal and financial information. It is under the control of a botnet operator that runs or controls the C&C (command and control) server(s).
· Ad fraud
Also called click fraud or click spam, this is a practice by bad actors, specifically dubious advertising networks, wherein they deliberately use automated programs—from simple to sophisticated bots and botnets—to interact with advertisements online.
· Adware
Software designed to display or download unwanted advertisements, such as banners, automatically when the program is running.
· Android malware
Malicious software that infects mobile phones running the Android operating system, by making the system collapse or leaking confidential information.