Malware infects 30 percent of computers in U.S.

Report shows U.S. has eighth-highest PC malware rate among developed countries, examines new 'ransomware' that hijacks Web cams

Thirty percent of computers in the United States are infected with some form of malware, putting America among the top 10 most malware-infected countries in the OECD (Organization for Economic Cooperation and Development). If it's any consolation, South Korea has the dubious honor of topping that list with a malware infection rate of over 57 percent.

So says security vendor Panda Labs in its newly released quarterly report [PDF], for which the company analyzed IT security events and incidents around the world from April through June. Beyond exposing which countries are home to the most malware-infected machines -- useful information for any organization that does business internationally -- the report also highlights a new form of scareware that dupes victims into thinking they are being video recorded in real time by law enforcement through their PC's Web cam.

In the report, Panda examined the geographic distribution of PC malware throughout the world. Among all countries, South Korea came away with the highest percentage of PC malware at 57.3 percent, followed by China at 52 percent. Taiwan ranked third with an infection rate of nearly 43 percent, followed by Bolivia at just over 40 percent. Honduras, Turkey, Ecuador, Russia, Slovakia, and Poland rounded out the list.

On the other end of the spectrum, Switzerland boasted the lowest PC malware infection rate at 18.4 percent, followed by Sweden at 19.07 percent. Norway had the third-lowest rate at just over 20 percent, barely beating the United Kingdom. The remaining 10 countries with the lowest infection rates were Uruguay, Germany, Ireland, Finland, Hungary, and Holland.

In general -- and perhaps not too surprisingly -- the most technologically developed nations tended to have the lowest percentage of malware infections. The average infection rate worldwide for the quarter was 31.6 percent (down almost four percentage points compared to Q1). Among the 28 countries belonging to the OECD (so-called developed countries), only seven had a higher-than-average rate: South Korea, Turkey (39.3 percent); Slovakia (36.1 percent); Poland (35.7 percent); Spain (33.4 percent); the Czech Republic (32.3 percent); and Chile (32 percent).

The United States had the eighth-highest infection rate among the 28 OCED countries at 30.03 percent, losing out to Mexico, which had a rate of 30 percent, and Italy, with a 29.82 percent infection rate.

What's more, Panda Labs found that "in the case of China, some of the country's most developed regions have much lower infection rates than the rest of the country; that's the case of Hong Kong for example, whose infection rate stands at a mere 23.36 percent," according to the report.

As to the type of malware infecting the world's PCs, Panda found that around 76 percent were Trojans; 7.9 percent were viruses; 6.7 percent were worms; and 5.8 percent was adware. "It is worth noting the relatively small number of PCs infected by worms, which is lower than the number of new worms created over the quarter," the report said. "The figures corroborate what is well known: Massive worm epidemics have become a thing of the past and have been replaced by an increasing avalanche of Trojans, more specifically, banking Trojans and the infamous 'Police Virus.'"

Variants of the Police Virus (which is actually a Trojan) have made their rounds in various countries in recent months -- including the United States -- and has slowly evolved over time. Originally it was scareware that presented PC users with a screen telling them local law enforcement had detected illicit activities or content on their machines and demanded immediate payment of a fine.

From there it evolved into ransomware similar in functionality to the PGPCoder Trojan; the code is designed to encrypt files on the infected machine and keep them locked until the user coughs up the ransom. The updated version of the Trojan gave victims greater incentive to pay the purported fine to have their files decrypted or system unlocked.

In the past quarter Panda Labs observed a new variant of the Police Virus designed to trick victims into believing they are being watched and video-recorded through their PC's Web cam by law enforcement agents. Users get a similar warning screen, telling them local law enforcement has detected illegal activities or content on their machines, but the warning screen also informs victims they are being monitored via Web cam. To make that threat convincing, the screen includes a small window showing images actually being taken by the Web cam in real time, together with the text "Live recording."

The Trojan is, in fact, capable of taking over a user's Web camera; it's just not recording or sending any of the video to law enforcement. "Users, however, don't know this, and most of them will start to panic and be willing to pay the 'fine' to stop law enforcement from spying on them, as they are made to believe," according to the report.

This article, "Malware infects 30 percent of computers in U.S.," was originally published at Follow the latest developments in business technology news and get a digest of the key stories each day in the InfoWorld Daily newsletter. For the latest developments in business technology news, follow on Twitter.

Copyright © 2012 IDG Communications, Inc.