Ransomware, Malware Threats Rise in Second Quarter

The second quarter of 2016 saw a small decline in the detection count malware in both Google Android and Windows-based devices. However, this decrease should not be mistaken as a sign of weakness in cyber-criminals, according to a report from Quick Heal Technologies.

The company’s research labs recorded a steady increase in the detection of potentially unwanted programs (PUPs), but noted a more concerning matter was the 200 percent increase in the detection of mobile ransomware in this quarter alone. In fact, this level of detection is almost close to half of all the detections in 2015.

Additionally, newer variants of Windows malware have joined the pack of the top 10 malware of the second quarter and security vulnerabilities have swelled to scary proportions.

The report outlines the top malware afflicting Windows and Android users, with a brief low-down on each of the malware families, and lays out the difference between the malware detection stats of this quarter and that of the previous.

The report also includes some observations about certain malware that caught the company’s attention due to their unique behavior.

Compared with the previous quarter (Q1 2016), this quarter has seen a decline of 16 percent in the detection count of malware on Windows computers.

The top malware was Trojan.Starter.YY4, a Trojan that works by connecting to a remote server and installing other malware on the computer it infects—in essence being used as an entry point by other malware.

This malware is linked to various banking Trojans and worms designed to spread over networks, which allow hackers to steal confidential data such as credit card details and personal information from the infected system.

As observed by Quick Heal in the first quarter, Mindsparki, BrowseFox and Clientconnect were the top PUP families with the highest detection rate.

In Q2, however, the company found new families, including Askcom, InstallCore and Greentree.Greentree, which generally have been marked as low-risk threats. But Quick Heal researchers noted some of them can be difficult to remove once they have infected a computer.

“Users need to exercise caution while clicking on the ‘Accept’ button while installing any software, particularly the free ones,” the report warned. “We strongly recommended users to read the Privacy Policy and End User License Agreement so that they understand what all applications are going to get installed besides the primary software.”

The report also noted carefully planned and targeted attacks on government organizations and other private sectors are increasing, as are cases of ransomware incidents.