Microsoft has released an analysis of the extent of malware worldwide and what specific threats are likely to hit each country.
There is no one-stop solution for malware when it comes to either consumers or the enterprise, but by tracking what malware is hitting where, security professionals can analyze trends to tailor solutions for users, and staff can remain on top of the game to protect corporate networks they are responsible for.
According to Microsoft’s last Security Intelligence Report, published in May, exploit kit use steadily increased during 2015 after decreasing steadily for over a year, rising by over a third during one quarter alone.
This doesn’t mean that white hat researchers are doing nothing, however. According to Microsoft, vulnerability disclosures also increased by 9.4 percent from Q1 to Q2 2015.
On Monday, the Redmond giant described some of the country-specific patterns the company’s security team has been tracking over 2016. In a blog post, Microsoft said that France and Italy both had unusually high encounter rates for malware which modifies browsers — such as via web injection, adware or phishing campaigns — and this trend is led by Win32/SupTab and Win32/Diplugem.
Over in Russia and Brazil, during the second half of 2015, encounters with Trojans and droppers were “nearly three times the worldwide average.” Out of the top ten threat families in Russia last year, five were Trojans, including Win32/Peals, Win32/Skeeyah, Win32/Dynamer, and Win32/Spursint. In Brazil, Suptab, Win32/Sventore and Win32/Banload topped the threat list.
In 2016, Trojans still dominate the Russian threat landscape. However, in Brazil, the most common threats the average consumer now faces are worms, with VBS/Jenxcus, Win32/Gamarue, and JS/Bondat the most prevalent.
Microsoft says the highest global encounter rates for adware can currently be found in Brazil, France, and Italy — with Win32/EoRezo topping the list.
Viruses, however, are most interested in China, led by DOS/JackTheRipper and Win32/Ramnit.
In the table below, you can view the top threats by country. The darker the color, the more common the threat:
These trends can be attributed to a number of factors, including native languages, the use of distribution models which can only target specific countries and also, as Microsoft notes, targeted “vulnerabilities or operating system configurations and applications that show up disproportionately in a given location.”
In related news, this week the company sent out a warning to users relating to a fake Microsoft security product mimicking the blue screen of death which is locking infected machines in order to force victims to call an 1800 number support helpline.