Encounter and infection rate trends
2.2. Encounter and infection rate trends
In 4Q13, the MSRT detected and removed malware from 24.9 of every 1,000 unique computers scanned in Brunei in 4Q13 a CCM score of 24.9, compared to the 4Q13 worldwide CCM of 17.8. The following figure shows the encounter and infection rate trends for Brunei over the last four quarters, compared to the world as a whole. • The most common threat family infecting computers in Brunei in 4Q13 was Win32Rotbrow, which was detected and removed from 16.7 of every 1,000 unique computers scanned by the MSRT. Win32Rotbrow is a trojan that installs browser add-ons that claim to offer protection from other add-ons. Rotbrow can change the browser’s home page, and can install the trojan Win32Sefnit. It is commonly installed by Win32Brantall. • The second most common threat family infecting computers in Brunei in 4Q13 was Win32Sefnit, which was detected and removed from 3.1 of every 1,000 unique computers scanned by the MSRT. Win32Sefnit is a family of trojans that can allow backdoor access, download files, and use the computer and Internet connection for click fraud. Some variants can monitor web browsers and hijack search results. 27 • The third most common threat family infecting computers in Brunei in 4Q13 was Win32Gamarue, which was detected and removed from 2.2 of every 1,000 unique computers scanned by the MSRT. Win32Gamarue is a worm that is commonly distributed via exploit kits and social engineering. Variants have been observed stealing information from the local computer and communicating with command-and-control CC servers managed by attackers. • The fourth most common threat family infecting computers in Brunei in 4Q13 was Win32Dorkbot, which was detected and removed from 1.4 of every 1,000 unique computers scanned by the MSRT. Win32Dorkbot is a worm that spreads via instant messaging and removable drives. It also contains backdoor functionality that allows unauthorized access and control of the affected computer. Win32Dorkbot may be distributed from compromised or malicious websites using PDF or browser exploits.2.3. Malicious websites
Parts
» Objectives and Scope of Activities
» APCERT Members APCERT Annual Report 2014
» Working Groups WG APCERT Website
» International Activities and Engagements
» BruCERT Establishment BruCERT Workforce BruCERT Constituents
» Encounter and infection rate trends
» Malicious websites Summary of BruCERT Honey Pot Project
» Establishment Workforce power Constituency
» Drills Meetings Presentations Publications – Cyber alerts, advisories and strategies
» Incident handling Reports Abuse Statistics Incident Trends
» Cyber Security Assurance initiatives Future projects
» Introduction Establishment Workforce power Constituency Contact Incident handling
» Internet Awareness 1. Malware Activities Website Security
» Mobile Awareness Conferences Achievements 1. Publications
» Introduction EC-CERT Services Achievements 1. Publications
» About ID-CERT Introduction APCERT Annual Report 2014
» Abuse Statistic New Service Etc
» Establishment Management and Staffs Constituencies and Stakeholders Main activities:
» Drills About JPCERTCC Establishment
» About KrCERTCC Introduction About MNCERTCC Introduction
» Statistics Activities Operations 1. Incident handling reports
» Drill Seminars Events organized co-organized 1. Competition
» Incident handling reports Abuse statistics
» Training Drills Seminars Publication. Sensors
» Activities About MOCERT Introduction
» Threats About MOCERT Introduction
» Incident trends About MOCERT Introduction
» Training Education Drills Seminars Presentations
» Future plan About MOCERT Introduction
» The Cyber999 Malware Research Centre MRC Constituency
» Cyber Drills Trainings Presentations Tools Developed Paper Publication
» MyCERT’s Activities Operation 1. Incident handling reports and abuse statistics Working Visits
» Memorandum of Understanding MoU New Partnership and Existing Cooperation
» Incident handling reports The Telecommunications Intercept Capability and Security Act TICSA
» Training Drills Publications About MOCERT Introduction
» Activity Summary About SingCERT Introduction
» Incident Handling Statistics About SingCERT Introduction
» Training Education Consultancy About SingCERT Introduction
» Seminars Workshops About SingCERT Introduction
» Publications Other Media Certification Membership MOUs
» Event Participation International Incident Coordination
» Future Plans Conclusion Activities Operations 1. Abuse statistics
» Security Vulnerability Announcement Spam Analysis Report Anti-Phishing Now
» MoU International Collaboration APCERT Annual Report 2014
» Establishment Workforce Power Mission and Constituency
» Incident Handling Government Information Sharing and Analysis Center Training
» Drills Conference Presentation Publication Incident Report
» International Organization Membership Participation to International Events MOU
Show more