Up to 13 percent of US and Canadian PC consumers show evidence of malware infection, with nearly half affected by high-risk botnets, rootkits and bank Trojans, Alcatel-Lucent's Kindsight division has reported.
In Q3 of 2012 the company found that 8.1 percent of its customers were infected with ‘moderate-level’ malware, mostly adware browser redirection programs used in click fraud scams and other assorted adware.
A further 6.5 percent of consumers were infected by more critical malware, with two versions of the now more or less endemic ZeroAccess botnet being the most commonly encountered.
Worse still, almost one in ten infected users had been hit by the nasty and hard-to-clean TDL4-TDSS rootkit, with the Alureon Trojan not far behind at about half this number. The alarming percentages for these three threats perhaps go some way to explaining the continuing hazard users face from online bank theft.
“We estimate that there are over 2 million infected users worldwide with 685,000 in the United States alone,” said Kindsight of the scale of ZeroAccess infection.
ZeroAccess also utilised a network of 200,000 ‘supernodes’, hijacked peer-to-peer controllers, most likely servers with direct Internet connections. Dedicated to a variety of forms of click fraud, the bot was probably costing advertisers as much as $900,000 per day or an astonishing $328 million per annum.
“The ZeroAccess botnet has grown significantly to become the most active botnet we’ve measured this year,” said Kindsight Security Labs’ Kevin McNamee.
“Cybercriminals are primarily using it to take over victim computers and conduct ad-click fraud. With ZeroAccess, they can mimic the human behavior of clicking online ads, resulting in millions of dollars of fraud.”
Mobile infection rates are rising on Android but, at 3 percent of devices, remain low by PC standards. Most rogue mobile software is adware.