From the domestic “RainbowDay” (also known as “暗云Ⅲ”) virus to the worldwide notable WannaCry and NotPetya attacks, China in the last few months saw an increasing number of malware moments. Chinese software giant Tencent recently published the Internet Security Threat Report in H1 2017, indicating that a decreasing number of people have had their computer affected by a virus, hacker, malware or spyware in the past six months, along with the distribution channels increasingly diversifying.
According to the report, new malicious software has been growing every year, making a rise of 30% computers infected by virus attacks in the first half of 2017; meanwhile, more than 100 million mobile phone users suffered a cell-phone virus attack, amongst which QR code has become the main channel through which the viruses spread.
Rapidly Growing Computer Trojan Malware
Tencent Antivirus Lab statistics show that the number of computer viruses blocked in the first half of 2017 reached 1 billion, nearly 30% more than the number unveiled for the second half of 2016. They also found a rapid growth of computer Trojan malware being developed after comparing the number of computer viruses blocked in 2014 with that in Q2 2017.
In detail, the highest computer virus-carrying hour appears between 10 a.m. and 11 a.m., which just right matches the regular pattern of Chinese enterprise employees and ordinary users starting using computers every day, Tencent Antivirus Lab researchers said. During the period, malicious people tend to write VBA code to create macros and then embed the macros in Office documents and distribute them online.
To the point of city-attacked distribution, some most developed cities of network become the most vulnerable regions. Shenzhen, one of the largest and wealthiest cities in China, blocked the most computer viruses, accounting for 3.76%; the second city is Chengdu, which blocked 3.57% of all computer viruses, followed by Guangzhou’s 3.39%.
An Explosion of Malicious QR Codes
The case in mobile side is too serious to be overlooked. Tencent Antivirus Lab has reported that cell-phone virus has infected as many as 109 million mobile devices over the past six months, dramatically down 45.67% year-on-year and slightly decreasing when compared to the first half of both 2015 and 2016.
However, it is astonishing that the number of viruses that were killed by Tencent Mobile Manager reached 693 million in the first half of 2017, with year-on-year growth of 124.24% and twice the number of viruses killed in the first half of 2016. In other words, as with the decreasing cost of producing a malicious program and Trojan virus, there is a diverse distribution channel for malware and virus.
Tencent Antivirus Lab researchers, by analyzing the share of different kind of cell-phone virus appear in H1 2017, reported that scampish virus and memory usage and processor consumption software took the first two spots, respectively accounting for 44.59% and 44.44%. QR codes have been the main channel for malware to spread, nearly 20.8% of viruses distributed through QR codes.
QR code has become increasingly common in every area, more and more people are used to transferring money, downloading an app, adding a friend and more by scanning a QR code, leading to malware developers switching to spreading virus via QR codes. It will automatically download the malicious virus the moment a person scan a virus-embed QR code, resulting in the mobile phone being infected by the virus, or even worse, causing the leakage of personal privacy and property losses.