Fortinet Research reveals "Zero Access" as No. 1 Threat

Fortinet has announced the findings of its FortiGuard threat landscape research for the first quarter of 2013. As per the report from FortiGate devices worldwide, Bitcoin mining botnet, ZeroAccess was the No. 1 threat in this quarter. 

Richard Henderson, Security Strategist and Threat Researcher, Fortinet’s FortiGuard Labs, said, “In the first quarter of 2013, we have seen owners of the ZeroAccess botnet maintain and expand the number of bots under its control. In the last 90 days, the owners of ZeroAccess have sent their infected hosts 20 software updates.”

FortiGuard Labs’ analysis of ZeroAccess, which has the capability to load DDoS modules onto infected machines, revealed that the botnet does not currently have a DDoS module attached to its arsenal. This suggests that other botnet owners are attempting to profit from fluctuations in the Bitcoin currency.

The growth of new ZeroAccess infections has remained constant in the last 90 days. Most recently, the team is seeing a staggering 100,000 new infections per week and almost 3 million unique IP addresses reporting infections. It is estimated that ZeroAccess may be generating its owners up to $100,000 per day in fraudulent advertising revenue alone.

Two new Android adware variants – Android.NewyearL.B and Android.Plankton.B – have seen a large number of global infections in the past 90 days. Both pieces of malware are embedded into various applications and have the ability to display advertisements, track users through the phone’s unique IMEI number, and modify the phone’s desktop.