Microsoft Claims Massive Rise of Malware in 2013

According to a new report from Microsoft, downloaded malware has more than tripled in only the second half of last year.

malware

Photo: Kentoh / Shutterstock

In the latest iteration of the annual Security Intelligence Report, Microsoft claims that the number of people accidentally downloading packages and software secretly infected with malware has drastically shot up as of the last six months of 2013, resulting in a sharp increase in the number and breadth of botnets that are currently trawling the web at large.

No one knows how long the trend might last. Some analysts suspect we’ll see more of this for Windows and OSX computers if the current trajectory is any indication of the future.

Out of the fray came a notable contender for the top spot, a malware that was wildly popular with the cracking community last year called Rotbrow. Contained within a browser toolbar designed to translate languages on web pages as you click around called Babylon Toolbar, the program is designed as a sort of all-in-one solution for the hacker who wants to reap the benefits of an unused machine, but doesn’t want to put in the time cracking everything themselves.

It can be used for simple-yet-timeless fraud like credit card credential hijacks, or more advanced, up to date efforts like Bitcoin mining and OS-level keylogging.

Another lesser known exploit called Brantall also chimed in around September attached to programs like RocketPDF and 77Zip, disguising its code in innocuous-looking functionality programs, which don’t attract too much attention once installed on your system at work or from home.

From just the third to the fourth quarter of last year Microsoft saw the infections of Brantall and Rotbrow skyrocket, quadrupling on top of themselves in the short span of just a few months.

Threats like Cryptolocker also proved exceedingly popular with hackers in 2013, as the easy money and high return on the investment showed itself to be an irresistible combination for the men and women who make their living from the innocents of the Internet.

“Ransomware is not especially prevalent compared to other threats, but when it hits a user it can be devastating. The top ransomware threat, Reveton, increased 45 percent between the first and second halves of 2013. Another common strain was Urausy. Both purport to be from legitimate law enforcement and intimidate the user into compliance.”

Microsoft was quick to inform users they in no way support paying those behind ransomware the money they are looking for, as it only encourages the practice and shows other hackers who might be interested that the method is an effective way to get paid on the underground circuit.

This latest report doesn’t even account for the most recent massive breach laid at Microsoft’s feet, the Internet Explorer zero day, which currently affects all versions of IE across every platform the browser runs on and then some.

Although the threat has since been patched, it just goes to show that even if you think all the holes have been plugged, all it takes is one crack or chink in the armor and the whole process starts again the next day from zero.

Read the full report