Comodo publishes strategic analysis of 97 million malware incidents in Q2
Comodo detected and analyzed nearly 100 million incidents in Q2 2017, almost quadruple the number from its Q1 report, in a detailed study released by Comodo Threat Research Labs (CTRL). Drawing on nearly 20 years of experience and software installations in every country on Planet Earth, this effort used detections from 236 country code top-level domains (ccTLDs). This timely study offers strategic insight into the nature of modern cybercrime, cyberespionage, and cyberwar.
U.S. leads world in trojan detections
This report focuses on the top four malware types detected by Comodo: trojans, worms, viruses, and backdoors. Hackers design malware campaigns to gain the highest return on investment. Comodo discovered 5.8 million trojans in 216 countries. However, the U.S. dominated this dataset, with 1.9 million trojans, or over 32% of the total. The U.S. held this same dubious rank in Q1 2017.
Malware types and countries have unique profiles
Backdoors are the highest “class” of malware, targeting the most affluent countries, often in a targeted fashion; Australia, Great Britain, and Japan appeared prominently in this data. Trojans also tend to be more clustered around richer nations, but appear in every country, and every vertical. Viruses and worms are more often found in poorer countries; viruses are widespread, while worms in particular take advantage of the world’s least protected networks. Somewhat surprisingly, Russia experienced a significant worm infestation in Q2, suggesting that Russian networks are currently very poorly protected.
To see where your country falls within our data, please download the Comodo Q2 2017 Threat Report. And don’t hesitate to send your follow-up questions our way, to this address: malwaresubmit@avlab.comodo.com.
Malware campaigns fluctuate dramatically over time
In Q2, Comodo detected 5.8 million trojans, 4.5 million worms, 2.6 million viruses, and 209,000 backdoors. At the start of Q2, the world saw a sharp rise in worm propagation, chiefly in Asia, as attackers took advantage of networks using older, unpatched, and perhaps unlicensed software. However, by the end of Q2, trojans and worms had regained their status as the world’s first- and second-most common malware types.
Many malware campaigns are not cybercrime at all, but nation-state efforts to facilitate cyberespionage and even to “prepare the battlefield” for cyberwar. This report offers a detailed breakdown of malware types, families, and victim countries that can be used for strategic insight on cybersecurity.
“Brand-name” malware dominates network landscape
A small number of families tend to dominate the global malware village. However, two facets of malware propagation undercut our hope to minimize future infections. First, too many unpatched networks still allow known-bad code right through the front door. Second, some malware types are highly complex – and complexity is the enemy of security.
Consider the Upatre trojan family, which was Comodo’s top trojan detection worldwide in Q2. The U.S., which has been taking cybersecurity seriously for about 20 years, was nonetheless home to nearly 83% of Upatre infections in Q2. But trojans are in fact the most complicated – and flexible – malware type in the world today, with more families than backdoors, viruses, and worms put together. This Q2 analysis clearly shows how computer trojans are a large hall of smoke and mirrors.
Worms were Comodo’s second-most detected malware type in Q2. Here, the victim set belongs to much poorer countries. The Brontok family constituted 49% of worm detections, and the Philippines suffered from 75% of them. But at the country level, Russia has the most to worry about, and the problem might not be easy to fix: not only was Russia #2 in Brontok detections, it was also #2 in Autorun (our second most common worm) and #1 for each of the next three worms (AutoRunAgent, Hakaglan, and Morto).
The virus data set is simpler than the worm data set, with the fewest families and a cleaner treemap in Q2. Just two malware families accounted for 83% of detections: Ramnit (49%), which hit Russia the hardest, and Sality (33%), most active in Thailand. However, viruses in general had more victim nations than worms, and only the virus Parite had a clear primary victim: Portugal, which was blitzed by a virus outbreak in late Q2.
Finally, backdoors are a case study in paradox. 62% of backdoor detections belong to DarkKomet, which is well-known malware (in part made famous by its appearance in cyberwar stories) that still has been nearly impossible to kill. However, as detailed in the Q2 report, the remaining 38% of the backdoor chart is highly complex, and resembles the complexity of our trojan data. Furthermore, given the high-profile and affluent character of this malware type’s target set, the right side of our backdoor chart without a doubt contains some advanced persistent threat (APT), or nation-state, actors.
Hackers target IT verticals
Online Services, Technology, and Telecom are now frequent targets for cyberattack. IT serves as a “force multiplier,” swiftly scaling cyberattacks and enabling malicious actors to compromise not just one target, but potentially millions in one successful penetration. Hardware and software supply chain attacks can even compromise the security of nation-states. By penetrating entire systems – and by playing the long game – unknown, remote hackers can perform espionage, denial-of-service, and data manipulation against a nearly infinite array of targets.
For a detailed look at your country or favorite malware type, download our Q2 Threat Report. And for even more in-depth information and intelligence, send us a request by email, to malwaresubmit@avlab.comodo.com.
About the Comodo Threat Research Labs Q2 2017 Report
The Comodo Threat Research Labs Q2 2017 Report is the second quarterly publication of the Comodo Threat Research Labs, a group of more than 120 security professionals, ethical hackers, computer scientists, and engineers, who work for Comodo full-time analyzing malware patterns across the globe.
Comodo is a global innovator of cybersecurity solutions. The world’s largest certificate authority, Comodo authenticates, validates, and secures networks and infrastructures from individuals to mid-sized companies to the world’s largest industries.