Panda Security reports over 13 Million users affected by Mariposa Botnet

March 15, 2010

India, Mexico, Brazil and Korea Hardest Hit by Massive Attack

Following the worldwide shutdown of the Mariposa botnet last week, Panda Security reported today that the massive botnet had infected 13 million computers in 190 countries and 31,901 cities. The takedown was the result of a collaborative operation spearheaded by Panda Security, Defence Intelligence, the FBI and the Spanish Guardia Civil, resulting in three arrests.

According to Luis Corrons, Technical Director of PandaLabs, “The highest infection ratios are found in countries where computer security education is not a priority. However, in countries where cyber security awareness campaigns have been prioritized over the last few years, like the United States, Germany, UK and Japan, the number of infections was significantly lower.”

The cities most affected by Mariposa were Seoul (5.36 percent of compromised IP addresses), Bombay (4.45 percent) and New Delhi (4.27 percent). The top 10 infected cities are as follows:

1 Seoul 5.36%
2 Bombay 4.45%
3 New Delhi 4.27%
4 Mexico City 3.89%
5 Bogota 2.68%
6 Lima 1.98%
7 Kiev 1.68%
8 Bangalore 1.39%
9 Islamabad 1.24%
10 Tehran 1.23%

When looking at the infection rate by country, India leads the ranking (19.14 percent of all infections), followed by Mexico (with 12.85 percent) and Brazil (7.74 percent). The U.S. ranked 20th out of the 190 countries where computers were infected (with 1.05 percent).

The top 10 infected countries are as follows:

Country %
1 INDIA 19.14
2 MEXICO 12.85
3 BRAZIL 7.74
4 KOREA 7.24
5 COLOMBIA 4.94
6 RUSSIA 3.14
7 EGYPT 2.99
8 MALAYSIA 2.86
9 UKRAINE 2.69
10 PAKISTAN 2.55

An image of the above Mariposa infection breakdown by country can be found at http://www.flickr.com/photos/panda_security/4419015337/.

“The coordinated effort of all Mariposa Working Group members led to the worldwide shutdown of the Mariposa botnet on December 23 at 11:00 am ET. On that date, we seized control of the communication channels used by Mariposa, effectively severing the botnet from its criminal creators and redirecting all requests to a server controlled by us. At that time we realized the huge number of IP addresses controlled by the bot, almost 13 million, and determined the astonishing number of affected countries and cities. The compromised IP addresses include personal, government and corporate computers,” explains Corrons.

An image of the global infection map can be found here: http://www.flickr.com/photos/panda_security/4419780176/.

The Georgia Institute of Technology has plotted the progress of the Mariposa Botnet in an animation available at http://fritz.cc.gt.atl.ga.us/mariposa/mariposa_major_victim_areas.avi. According to David Dagon, Ph.D. Candidate at the Georgia Institute of Technology, “I think a remarkable aspect of this botnet is that it reverses the normal expectations about infections. Usually, the press tells us that ‘eastern’ botmasters are attacking ‘western’ victims. In Mariposa’s case, we tend to see the opposite: some botmasters in the west, and victims in the east. The lesson learned is that we all face a common threat.”

Panda Security recommends that all users – home users and companies alike – perform an in-depth scan of their computers to make sure they are not infected by the Mariposa bot. Individuals and businesses can do so by using the company’s free online scanner Panda ActiveScan or downloading its free cloud-based antivirus service Panda Cloud Antivirus from www.cloudantivirus.com.
