The study focuses on Java exploits, Bitcoin mining, APTs, Mac malware and mobile malware

Sep 24, 2013 11:46 GMT  ·  By

IT security firm F-Secure has published its threat report for the first half of 2013. The study focuses on Java exploits, ransomware, Bitcoin mining, advanced persistent threats (APTs), Mac malware and mobile threats.

Unpatched software continues to be problematic, particularly when it comes to Java. According to the report, in the second half of 2012, around one third of the exploits reported to F-Secure’s telemetry systems targeted Java. However, almost half of the exploits reported in the first half of 2013 targeted Java.

In H1 2013, ZeroAccess infections decreased, but not necessarily because the malware is not used by cybercriminals. Instead, it’s because F-Secure products have been efficient in mitigating ZeroAccess attacks.

During March and April, a ZeroAccess botnet was used for a piece of ransomware that accused victims of accessing illegal child molestation content. ZeroAccess has also generated a lot of profit for cybercriminals from Bitcoin mining. Experts estimate around $50,000 (€37,000) per day.

As far as mobile malware is concerned, the number continues to increase, especially when it comes to Android malware. By July 2013, a total of 405,140 Android application packages containing malware, spyware and adware were found. Of these, over 257,000 contained malware.

When it comes to Mac malware, a total of 33 new families and variants were uncovered in the first half of 2013. One of the most interesting threats has been dubbed Kumar in the Mac (KitM). This is the first malware to be signed with a valid developer ID.

The study contains interesting case studies on all of these topics, so it’s worth checking out. The complete report is available on F-Secure’s website.

Here is a video in which F-Secure’s Mikko Hypponen and Sean Sullivan discuss the results of the study: