Dodging bullets: Australia's top malware threats according to Microsoft

11 Oct 2017

Australia is dodging many dangerous malware variants that are causing trouble around the globe, according to Microsoft’s latest Security Intelligence Report.

The report analyses data collected between January and March 2017 from administrators who have opted to share information from Microsoft security programs and services running on their computers.

3.5% of Australian computers encountered malware in March 2017, less than half the global encounter rate of 7.8%.

Australian computers were not completely immune from malware, however: they encountered many malicious Trojans, downloaders and droppers, and other malware.

According to the report, Trojan activity peaked both in Australia and in the global threat landscape. Trojans affected 3.28% of all computers in March, a jump from 2.68% in February. The worldwide threat encounter rate hit more than 6%.

0.6% of Australian computers faced malware downloaders and droppers, up from 0.52% in February. Viruses affected 0.4% of all computers, also an increase, from 0.34% in February.

The top malicious families in Australia by encounter rate are:

  • Win32/Skeeyah (Trojan) - 0.67%
  • Win32/Vigorf (Trojan) - 0.37%
  • Win32/Fuery (Trojan) - 0.34%
  • Win32/Spursint (Trojan) - 0.32%
  • Win32/Dynamer (Trojan) - 0.23%
  • Win32/Vigram (Trojan) - 0.14%
  • Win32/Swrort (Trojan) - 0.14%
  • Win32/Xorer (Virus) - 0.13%
  • Win32/MpTestAgg (Virus) - 0.13%
  • Win32/Rundas (Trojan) - 0.11%

Win32/Skeeyah and Win32/Vigorf are both generic detections for threats that display Trojan-like characteristics, while Win32/Fuery is a cloud-based detection for files that have been automatically labelled malicious by Windows Defender.

Browser modifiers had the highest encounter rate among unwanted software categories in Australia, followed by software bundlers and adware.

Browser modifiers affected 0.65% of Australian computers, followed by software bundlers (0.47%) and adware (0.14%). All categories experienced an increase in encounter rate from February to March.

The top five unwanted software families in Australia by encounter rate are as follows:

  • Win32/Foxiebro (Browser Modifier) - 0.23%
  • Win32/ICLoader (Software Bundler) - 0.07%
  • Win32/Adposhel (Adware) - 0.07%
  • Win32/Prepscram (Software Bundler) - 0.06%
  • Win32/Sasquor (Browser Modifier) - 0.06%

Win32/Foxiebro is a browser modifier that injects ads into search results pages, modifies web pages to insert ads and opens ads in new tabs.

Win32/ICLoader is a software bundler available from software ‘crack sites’. It installs alongside the desired program. It often installs other unwanted software.

Win32/Adposhel is adware that can show additional ads both inside and outside a web browser.

Australian computers were also exposed to a lower rate of malicious websites that have been compromised by malware, SQL injection or other techniques.

Australian computers also encountered fewer drive-by download pages for every 1000 URLs, compared to the worldwide rate of 0.17.

However, Australia was exposed to more phishing sites per 1000 internet hosts, compared to 6.3 worldwide.

Australian computers encountered fewer malware hosting sites per 1000 internet hosts (7.7) compared to the global average of 14.8.

Around 89% of Australian computers were protected by Microsoft’s real-time security software during March 2017.
