Web-based attacks double in 2013, study finds

cyber threats

Web-based attacks double in 2013, study finds

Warwick Ashford

Web-based malware attacks doubled in the second half of 2013 in comparison with the first half, according to the latest threat report from F-Secure Labs.

Threats targeting Google’s Android mobile operating system accounted for 97% of mobile threats for the whole year, the report revealed.

Mikko_Hypponen_280x320.jpg

Web-based attacks, which typically involve techniques that redirect the browser to malicious sites, were the most commonly reported type of attack for the period covered by the report.

Web-based attacks represented 26% of detections, followed by the Conficker worm with 20%.

The three most common exploits detected during the period were all Java-related. Java exploits, however, declined compared with the first half of 2013.

Mac malware continues a slight but steady increase, with 51 new families and variants detected in 2013.

The majority of mobile threats in 2013 were directed at the Android platform, which racked up 804 new families and variants, compared with only 238 new Android threats in 2012.

The remaining 3% of mobile threats were directed at the Symbian platform, with no threats detected against any other platform. 

The top 10 countries reporting Android threats saw a little over 140,000 Android malware detections. Most reported detections came from Saudia Arabia (42%) and India (33%). European countries accounted for 15% and the US 5%.  

The report noted that because the Android platform itself has relatively few vulnerabilities, the main distribution method is still compromised apps downloaded via third-party app stores.

F-Secure used the publication of the report to reiterate the security firm’s policy of no tolerance for governmental malware and mass surveillance.

“It has always been F-Secure’s policy to detect any malware, regardless of its source,” the company said.

Mikko Hypponen (pictured), chief research officer at F-Secure Labs, said governmental surveillance is not about governments collecting the information people are sharing publicly and willingly.

“It is about collecting the information you do not think you are sharing at all. Just because it can technically be done does not make it right,” he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy