07/07-11   -   Press releases

LulzSec and Anonymous Blur Lines between “Hacktivism" and Criminality, According to PandaLabs Q2 Report

Hacker groups’ illegal tactics undermine legitimacy of their protests while distracting security industry from serious threats that grow under the radar.

PandaLabs, Panda Security’s anti-malware laboratory, today published its Quarterly Report for Q2, analyzing the IT security events and incidents from April through June 2011. As the report outlines, this quarter has been one of the worst on record, with hacking groups Anonymous and LulzSec causing widespread mayhem and organizations such as RSA Security, the U.S. Defense Department, the International Monetary Fund, the European Space Agency, Sony, Citigroup and SEGA all falling victims to attacks.

While Media Obsesses over Illegal Stunts, Malware Creation Shows No Signs of Slowing

In the last quarter, malware of all kinds has spread substantially, with PandaLabs observing 42 new malware strains created every minute. Once again, Trojans accounted for most of the new threats, comprising nearly 70 percent of all new malware created, followed by viruses (16 percent) and worms (11,6 percent).



Pic available at: http://prensa.pandasecurity.com/wp-content/uploads/2011/06/NEW-SAMPLES.jpg

As recorded by Panda Security’s online scanner, Panda ActiveScan, Trojans were responsible for 69 percent of infections, followed once again by viruses (10 percent) and worms (8.53 percent). Adware, which only represents 1.37 percent of all malware, accounted for more than 9 percent of all the infections, indicating the substantial effort malware writers are taking to promote this type of malicious code. Fake anti-virus programs, which are included in the adware category, have also continued to grow.




Pic can be found at: http://prensa.pandasecurity.com/wp-content/uploads/2011/06/DISTRIBUTION.jpg


As for the specific threats responsible for most infections this quarter, we see that the Top 10 specimens have caused over 50 percent of all infections. However, this can be a bit misleading as many of the entries on the Top 10 list are generic malware (detected by Collective Intelligence) that include several families.


Pic available at: http://prensa.pandasecurity.com/wp-content/uploads/2011/06/TOP-MALWARE.jpg


Asian Countries Lead Infection Rankings
In the ranking of the top 20 countries with the most infections, China, Thailand and Taiwan once again continue to occupy the top three spots. PandaLabs observed Sweden, Switzerland and Norway as being the least infected countries.






Pic at: http://prensa.pandasecurity.com/wp-content/uploads/2011/06/TOP20ENG.jpg



You can get this pic at: http://prensa.pandasecurity.com/wp-content/uploads/2011/06/LOWTOPEN.jpg


Top Security Incidents:

• LulzSec and Anonymous: A new hacker group LulzSec emerged this quarter, specializing in stealing and posting Personally Identifiable Information (PII) from companies with poor security as well as carrying out denial of service attacks (against the CIA website, for example). They also released a full list of PII data they had previously stolen such as email addresses and passwords, which has led to account hijacking and other forms of identity theft. At the end of June, LulzSec teamed up with Anonymous for “Operation: Anti-Security," encouraging supporters to hack into, steal and publish classified government information from any source. On June 26, LulzSec released a statement on Twitter announcing the end of their activities. Nevertheless, they urged hackers to carry on with operation Anti-Security (#Antisec) and join the Anonymous IRC channel.

• Corporate Breaches: RSA, the security division of EMC Corporation, announced in mid-March it had suffered a breach on its network systems that exposed proprietary information about its two-factor hardware-based authentication system, SecurID. In May, Lockheed Martin, the largest provider of IT services to the U.S. government and military, suffered a network intrusion stemming from data stolen pertaining to RSA. It seems that the cyber-thieves managed to compromise the algorithm used by RSA to generate security keys. RSA will have to replace the SecurID tokens of more than 40 million customers around the world, including some of the world’s biggest companies.

• Sonygate: The most infamous attack that occurred this quarter was the one Sony suffered. Everything started with the theft of data from their PlayStation Network (PSN), affecting 77 million users worldwide. Not only was this the biggest data theft on record, but the situation was also poorly communicated to customers by the company, which hid the problem for days. When Sony finally made it public they simply said there was evidence that some user data could have been compromised, even though they knew the situation was far more serious.

The quarterly report can be downloaded from http://press.pandasecurity.com/press-room/reports/.
About PandaLabs
Since 1990, PandaLabs, Panda Security’s malware research laboratory, has been working to detect and classify malware in order to protect consumers and companies against new Internet threats. To do so, PandaLabs uses Collective Intelligence, a cloud-based proprietary system that leverages the knowledge gathered from Panda’s user community to automatically detect, analyze and classify the more than 73,000 new malware strains that appear every day. This automated malware classification is complemented through the work of an international team with researchers specialized each in a specific type of malware (viruses, worms, Trojans, spyware and other attacks) to provide global coverage. Get more information about PandaLabs and subscribe to its blog news feed at http://www.pandalabs.com. Follow Panda on Twitter at http://twitter.com/PandaComunica and Facebook at http://www.facebook/PandaSecurity

For more information contact Michael E. Mørk, Panda Security Danmark, at 42 13 80 44 and at www.pandasecurity.com/denmark or via michael.mork@dk.pandasecurity.com
or at www.virosafe.dk

Images can be downloaded at flickrsite

Follow os at Facebook and twitter