Q2 2014 and 2015 Q2-2.8 times more new malware mobile

Kaspersky Lab has published its report on threats in the second quarter, indicating the key security breach incidents and assessing the level of cyber threats during the period. 51% of network attacks blocked by Kaspersky Lab products has been carried out with malicious online resources located in Russia. On the next places were United States, Netherlands, Germany, France, Virgin Islands, Ukraine, Singapore, United Kingdom and China.

Mobile threats

  • In the second quarter came to 291 800 new malware, that is 2.8 times more than in the first quarter.
  • During the period detected 1 million installation packages of mobile malware – 7 times more than in the first quarter.

Mobile banking remains the main objective of the mobile threats. Kaspersky Lab's report covering the first quarter of 2015, mentioned about the threat called Trojan-SMS.AndroidOS.OpFake.cc that was able to attack until 29 banking and financial applications. The latest version of this Trojan, which appeared in the second quarter, can attack 114 (more) banking and financial applications. Its main purpose is to steal user login credentials, which attacks, among other things, several popular email applications.

Attacks on network: financial risks

  • There has been 5 900 000 notifications for attempts of infection using malware to steal money via the online access to bank accounts-this is about 800 000 less than in the first quarter.

In the second quarter of 2015, Singapore was ranked first in terms of the number of users of Kaspersky Lab products, who fell victim to network attacks, carried out by the Trojans-5.3% of all users by Kaspersky Lab in Singapore clashed with this threat during the period. On the next places were: Switzerland (4.2%), Brazil (4%), Australia (4%) and Hong Kong (3.7%). It is worth mentioning that most of the States out of the top (TOP 10) is at an advanced level of technology and/or has a developed banking system, which attracts the attention of cyber criminals.


Financial risks are not limited only to malicious programs that attack the bank customers online banking systems. In addition to malicious software (83%) risk to finance present programs coming bitcoins (9%), or malicious programs that use computing resources of computers of victims in order to generate bitmonet, as well as programs stealing wallets bitcoin (6%) and keyloggers (2%).

Cyber attacks targeted

In the second quarter global team. Kaspersky Lab research and analysis has identified four campaigns, cyberszpiegowskie: CozyDuke, Naikon, Hellsing and Th 2.0. Among the victims were government agencies, trading companies and other high level objectives. In the second quarter, we could also note that cyber criminals are interested in small and medium-sized companies – this kind of entities were attacked in the campaign cyberszpiegowskiej Grabit. Cyber criminals have focused on several sectors of the economy: chemical, industrial, nanotechnologicznym, educational, agricultural, construction and the media.

"In the second quarter, we launched an important initiative called Securing Smart Cities, which aims to help entities responsible for the development of smart cities pursue this task with regard to cybersecurity. If the security measures are not planned already at the stage of development, this may have later serious implications, and upgrading the security system is not always a simple task, "said Alexander Gostiew, Chief expert. with a global team. research and analysis, Kaspersky Lab.

Q2 in numbers

  • According to data from the KSN solutions Kaspersky Lab detected and repulsed including 379.9 million malicious attacks carried out from the online resources located throughout the world-19% less than in the first quarter.
  • During the period an average of 23.9% of computers Internet users around the world at least once was under attack. This is about 2.4 percentage points less in comparison with the first quarter.
  • 26 000 000 was detected unique malicious objects – 8.4% less than in the first quarter. The most widespread out of such properties was the script AdWare.JS.Agent.bg, which is injected by adware to random websites.


The full report is dedicated to the evolution of cyber threats in the second quarter of 2015, is available in English on the website https://securelist.com/analysis/quarterly-malware-reports/71610/it-threat-evolution-q2-2015/.



Source: Kaspersky Lab



Learn more about our offer

If you sell security solutions, are a distributor, authorized partner or developer and would like to share your portfolio with a group of potential customers, advertise an event, software, hardware or other services on AVLab - simply write to us. Or maybe you had to deal with ransomware? We can also help you decrypt your files.
Read more

We use Google Cloud Translation and Gengo API’s to translate articles with exception of our comparative tests.