A new report has found that approximately 14 percent of home networks are infected with malware. The Kindsight Security Labs report, which highlights infections from April through June 2012, also says that the number of high-level threats, such as bots, Trojans and backdoors, increased by 50 percent when compared to the first three months of 2012.
According to the report, 14% of residential households with fixed broadband show evidence of malware infection. 9% of these households were infected by high-threat-level malware such as a botnet, rootkit or a banking Trojan. It is estimated that there are 100,000,000 households with broadband in the USA. That means that 14,000,000 households in the USA have malware on a computer somewhere in the home. Worse still, 9,000,000 of those households have a serious malware infection, including a rootkit or a banking Trojan.
The primary way in which these computers get infected is via e-mail messages that lure victims to web sites running an exploit kit. The victim would typically receive an e-mail message from a business (like a bank or PayPal) or a government agency (like the IRS) informing them of an issue with their account. The link takes the user to a fake site (which looks reasonably close to the authentic one), but the fake site uses malicious techniques to infect the victim’s computer. Once the computer is infected, the attacker goes on to install the malware of their choice, often a rootkit botnet such as Alureon or ZeroAccess.
Alternatively, the e-mail could just take the user directly to a download, often for fake anti-virus software which is actually a spambot or a banking Trojan like Zeus or SpyEye. Or the e-mail will simply contain a zip file containing an executable malware file.
With the London Olympics approaching fast, McAfee also noticed a sharp increase in the number of Olympic-related spam e-mails. E-mails tied to global events like this are also a popular method used by hackers to lure users into following links to malware-infested sites.
“In recent months, we’ve seen the ZeroAccess botnet update its command and control protocol and grow to infect more computers while connecting to over one million computers globally,” said Kevin McNamee, security architect and director, Kindsight Security Labs. “The concern with ZeroAccess is that it is using the subscriber’s bandwidth maliciously which will cost them money as they exceed bandwidth caps. And, once the computer is compromised, it can also spread additional malware or launch new attacks.”
The report also highlights the recent Mac Flashback infection, which infected 10% of home networks with Mac computers during the month of April.