Exclusive: Luxembourg has high rate of “DOWNAD” infections, says a computer security firm, even though a solution has been available for the past… seven years.
The Grand Duchy has a huge number of malware infections due to the apparently widespread use of outdated software, Delano has learned.
Malware is, broadly speaking, illicitly installed computer programs that spy on users or covertly diverts computing power to other uses. The Grand Duchy accounted for “0.15% of all detections” in the EU during the first quarter of this year, according to Abigail Pichel, a researcher with Trend Micro, one of the world’s largest computer security firms. The data was provided exclusively to Delano.
Pichel said “the top malware detections” among the firm’s Luxembourg users were DLOADR and DLOADER (both viruses that help download other viruses, which were first detected in 2006 and 2007, respectively), and DOWNAD, “also known as Conficker, this worm remains one of the most leading threats for the past several years.”
What stood out in the researcher’s mind was: “The fact that DOWNAD is one of the top malware for the country, given that Luxembourg is positioning itself as one of the leading countries in Europe for IT.”
“DOWNAD is often found in unpatched computers and computers running on Windows XP are susceptible to this threat. DOWNAD is known to exploit a vulnerability that has been patched since 2008, which implies that there are users (and possibly, businesses) with computers still running on older and unpatched systems in the country. This simply highlights the risks in using (now) unsupported [operating systems] and applications, as well as forgoing regularly applying security patches. It’s certainly curious to see that malware that has been around since 2008 can still be in the 2015 landscape,” noted Pichel.
Indeed market researchers do not even keep tabs on how many computers run that operating system any more. “I don’t have any country specific or hard worldwide data now,” said Annette Zimmermann of Gartner, a big technology research outfit. “We don’t track it anymore. However, I don’t think there are that many left after a major move from Windows XP in 2014… maybe 5% of all business users and low single digits for consumers” globally.
The Trend Micro researcher stressed that her firm’s data: “isn’t necessarily indicative of the population of Luxembourg and Europe. The percentage is reflective of our customers, not the actual population.” A spokesman for the company could not reveal the number of users it has in the Grand Duchy. However several marketshare reports place it among the top five security software vendors worldwide.
So perhaps there are just a few bad IT environments in Luxembourg skewing the infection figures. But the data serves as a reminder to all types of organisations to keep computer systems up to scratch.
Computer users in the Grand Duchy were three times more likely to visit dangerous internet links than those in other EU countries during the first quarter.
According to Trend Micro, Luxembourg represented 0.48% of the hits to malicious URLs (sites hosting malware) that it detected among its customers in Europe. But the Grand Duchy’s daytime population (including cross-border commuters) is only about 0.14% of the EU total.
On the other hand, the computer security firm said that Luxembourg hosted a very small portion of internet addresses sending spam emails and of “ransomware infections” (hijacking a computer and demanding payment to unlock it).