Content Migration

September 25, 2008

Everyone,

The content of this blog will be moving to http://pandalabs.pandasecurity.com. Therefore, you can find new and interesting posts at http://pandalabs.pandasecurity.com or www.pandalabs.com for this point on.


PandaLabs Q2 Figures

July 7, 2008

Today we published our Q2 figures covering the most relevant trends in the malware landscape. Some of the key points from this Q2 report includes:

  • Distribution of Banker Trojan families by prevalence in the market.
  • Distribution of Active malware by country (this entails PCs with active malware running in memory).
  • Spam levels fluctuated between 60% to 94% of all email on the Internet

Banker Trojans continue to be a prominent factor when taking into consideration Identity Theft. As covered in the report Banker Trojans experienced a 400% increase as opposed to other years which were significantly less. In addition Russian Banker Trojans remain strong in terms of the overall distribution by family.

In the first half of Q2 2008 we saw an emergence of SQL Injection attacks being used to conduct mass hacking campaigns in order to distribute as much malware as possible. In conclusion cyber-crime only continues to evolve and should not be ignored when implementing security at your organization. The report can be found here:


Think Your Protected? Think Again. Study Reveals Hidden Cyber-Crime Breaches

March 28, 2008

Over a five month period, Panda Security conducted several audits with a large state agency in the United States to assess the level of risk pertaining to hidden and undetected infection points. Due to the confidential nature of this customer, we cannot disclose the agency name. The information learned from this case is a great demonstration of how even the “well-protected” networks require more effective tools to fend off the latest generation of malware.

This agency by nature is obligated to enforce rigorous security policies to protect against unauthorized activity, especially when they are responsible for securing a large network of sensitive information. Some of the restrictions the agency enforces on its users include:

 – Users have limited rights to the network

 – Users can’t modify anything within the system directory

 – Users must access the Internet through a secured proxy.

In such a secure environment, it should be extremely difficult for malware to cause any harm to the network. Unfortunately, even with these strict access rules, Panda Security found various dangerous intrusions in the agency’s network caused by malware.  

The following case study covers an audit spanning more then 4,500 PCs with active, up-to-date anti-malware software from a leading vendor. These PCs were analyzed against a set criteria consisting of hidden active or latent malware along with their associated vulnerabilities.

For more information please see the attached study:  Case Study


Application Scam Sites

March 26, 2008

Recently Panda Security was notified regarding an on-line scam currently in production claiming to offer Panda Security, McAfee, Symantec and Adobe products in addition to a product known as error mechanic. 

Panda

The site www.pandasecuritysoftware.com and the following associated domains are part of this scam:

pandaantivirus2008.com
panda-antivirus-2008.com
pandasecurity2008.com
pandaantivirus-2008.com
panda-anti-virus.com
panda-2008.com
antivirus-panda-suite.com
panda-ib.com
panda-2008.com
panda-anti-virus.com
panda-antivirus-2007.com
panda-antivirus-2008.net
panda-bdl.com
panda-ib.com
panda-suite.com
pandaantivirus-2007.com
pandaantivirus-2008.com
pandaantivirus-ib.com
pandaantivirus2008.com
pandasecurity2008.com
pandashield.com
pandasuite2007.com
panda-bundle.com
pandabundle.com
pandasecuritysoftware.com
pandasecuritysoftware.net

Some words of caution: This site and the domains are not supported or in anyways affiliated with Panda Security and may contain hidden infections, therefore; we strongly advise to refrain from visiting any of these domains.

Fortunely our testing indicates that the potential malware reported to reside on these pages has been removed, thus, it is still recommended to perform a scan at www.nanoscan.com to be 100% you are not infected.

Furthermore; when making software purchases it is advisable to purchase from the recognized vendor’s web-site or from an authorized partner. Otherewise you may become a victim of ID Theft.