NZ dodging malware bullets better than most, new Microsoft report finds

01 Feb 17

The latest New Zealand results from Microsoft’s Security Intelligence Report Volume 21 show that the country's malware encounter rate is well below the worldwide average and well below that of other countries in APAC.

In the second quarter of 2016, 11.8% of New Zealand computers encountered malware attacks, compared to the worldwide rate of 20.8%. The malware encounter rate has also been dropping over the past two years, showing that the country is faring well when it comes to avoiding malware attacks.

The number of computers cleaned per mille (CCM) also sits below the worldwide average, coming in at 5.4%. This rate metric shows the number of computers cleaned for every 1000 unique computers using the Malicious Software Removal Tool.

Malicious software categories

The report also found that Trojans account for the majority of malicious software categories, mirroring worldwide statistics.

Trojans in New Zealand accounted for 5.5% of all encounters, compared to the worldwide rate of more than 11%.

Worms were the second-most-encountered malicious software category, accounting for 1.3% of encounters. Downloaders and droppers featured in third place, accounting for 1.2% of encounters.

Amongst the most common malicious software families were Win32/Dynamer (0.6%), Win32/Xadupi (0.6%) and JS/Axpergle (0.5%).

Win32/Dynamer is a generic detection for a variety of threats.

Win32/Xadupi is a Trojan that poses as useful applications such as WinZipper or QKSee, but can silently install other malware. It is often installed by browser modifiers Win32/Sasquor and Win32/SupTab.

JS/Axpergle is a detection for the Angler exploit kit, which targets some versions of Internet Explorer, Adobe Flash Player, Java and Silverlight to install malware.

Unwanted software categories

Browser modifiers took out the top spot with 3.4% of encounters, followed by software bundlers (2.5%) and adware (0.9%).

The top unwanted software families include Win32/SupTab (0.7%), Win32/Mizenota (0.7%), Win32/Diplugem (0.7%), Win32/KipodToolsCby (0.6%) and Win32/Sasquor (0.5%).

Win32/SupTab is a browser modifier that installs itself and changes the browser’s default search provider without consent.

Win32/Mizenota is a software bundler that installs unwanted software alongside genuine installs. It may install Win32/SupTab, Win32/Sasquor, Win32/Smudplu, and others.

Win32/Diplugem is a browser modifier that installs browser addons without consent. These addons usually show extra ads on webpages and in web search results.

Globally, the highest number of malicious attacks comes from malware hosting sites, with 24.28% out of every 1000 internet hosts. Phishing sites also increased to 7.05%, while drive-by downloads accounted for 1%.

The report also found that 90% of New Zealand computers are running up-to-date and real-time security software in 2Q16, slightly higher than the global average.
