18 April 2015

Microsoft Digital Crimes Unit says B106 topped the cyber threat list in ASEAN for Q1 2015

The Microsoft Digital Crimes Unit has released its Malware Infection Index* for ASEAN for the first quarter of 2015.

Source: Microsoft. India remains the most infected country, while Indonesia is no. 5 globally, and China is 8th. 


The top threat in ASEAN, Bladabindi/Jenxcus (B106), is a malware family that can steal sensitive information and send it to a malicious hacker. It can also download other malware, give unauthorised access to your PC, and be used to take control of it.

Some variants can use your PC camera to record you or send information about what keys you press to a malicious hacker. They can spread via infected removable drives, such as USB flash drives. They can also be downloaded by other malware, or spread through malicious links and hacked or compromised websites. The Jenxcus threat can get onto your PC from a drive-by download attack, that is, as a by-product of a download that the user is tricked into starting, or through a download that occurs behind the scenes without the user knowing about it.

Ranked no. 2, Conficker is a family of worms that can disable several important OS services and security products. They can also download files and run malicious code on your PC if you have file sharing enabled. Some worms can also spread via removable drives and by using common passwords.

Ramnit, in no. 3 place, is a malware family that steals sensitive information, such as your bank user names and passwords. It can also give a malicious hacker access and control of your PC, and stop your security software from running. These threats can be installed on your PC through an infected removable drive, such as a USB flash drive.

Singapore shares the same no. 1 and no. 2 threats as ASEAN but has Sirefef (ZeroAccess) in no. 3 place. This trojan belongs to a family of malware that uses stealth to hide its presence on a computer. Trojans in this family can do all manner of unauthorised things, including downloading and running other files, contacting other computers, and disabling security features. Members of the family can also change search results, which can generate money for the attackers who use Sirefef.

Malaysia has the same malware profile as Singapore. Kuala Lumpur sees the most cyber threats, and then Ipoh.

Vietnam also shares the same no. 1 and no. 2 threats. In no. 3 place for Vietnam is Ramnit, a malware family that steals sensitive information such as bank user names and passwords. It can also give a malicious hacker access and control of a PC and stop your security software from running. These threats can be installed on your PC through an infected removable drive, such as a USB flash drive. The most dangerous cities for malware in Vietnam are Hanoi, followed by Ho Chi Minh City. Thailand has a very similar malware profile; its most dangerous cities for malware are Bangkok, and then Chiang Mai. 

The Philippines also has the same malware profile, but its top city for malware is not Manila, as might be expected, but Quezon City. Manila faces the second-highest number of threats.

Indonesia's most dangerous threat is Ramnit in no. 1 place, followed by B106 and then Conficker. Jakarta sees the most malware, followed by Bandung and then Medan.

Microsoft further offers three cyber security tips for organisations:

1. Exercise safe computing practices, such as running current, up-to-date and legitimate software products, and always having antivirus/anti-malware protection.

2. Be comprehensive in reviewing due-diligence practices, which would include robust and regular inspection of business processes, suppliers, and organisational practices, not just the use of technology.

3. Consider cloud as one of the safest ways forward to protect data and privacy in future, but choose your cloud provider wisely on the basis of trust, commitment and credibility. For Microsoft, the principles of trust are cybersecurity, data protection, privacy, regulatory compliance and transparency.

*Source: Microsoft DCU Malware Operations Report