French Statistics Show Prevalence of Threats

October 15, 2012

On the occasion of the establishment of the French-language McAfee “Cybervigilance” blog, I offered to my compatriots some statistics related to France that cover the first three quarters of 2012. Below you’ll find these figures for those who don’t understand the language of Molière.

As of September 30, nearly 150,000 suspicious Internet addresses hosted in France were analyzed by McAfee. There were only 50,000 in late 2011. 73 percent of the current ones are assigned with a maximum risk.

Nearly 70 percent of these URLs hide malware. About 20 percent of them are used in phishing campaigns.

These 150,000 URLs are associated with about 50,000 domains. Just in France, McAfee has added more than 10,000 URLs monthly, which correspond to nearly 2,700 suspect domains each month.

Linked to these URLs, more than 8,000 malware ready to download have been identified in 2012. The two most prevalent:

  • Generic.dx (E4E63BFB0669F2939EBE433D289E49E0)
  • HTML/IFrame.L Trojan (4447FD93D7CA7BAFE66CA119E8303F83)

Regarding phishing, the main worldwide targets using French URLs are eBay, Paypal, Wells-Fargo, American Express, and ADP (Automatic Data Processing). But France is also a target for cybercriminals. In 2012, the most encountered malware pinpointed in France were:

  • Generic.dx!b2az (A75F9BFCFCEAEBBA8749D0705F5AA1E0)
  • W32/Conficker.worm!inf (92B1CA5033820F474F79B1AA8EE44A66)
  • ZeroAccess (11028C6A84A967070CB1286550F2058F)
  • Generic PUP.z!ms (5ED3CEAAAEB87B6D37F806E0EB00F05C)
  • Generic Downloader.x!dze (70535D0798332779DDE87B1435C3627E)
  • W32/Bactera.worm!a (BDDD44CC65A56530ABEBE544DBFA13D1)
  • Adware-Tuto4PC (C0C5903D963030A38CFBBEECC2C1267B and 04E45C5782A0040016FF9B140876CEDF)

In France, the main targets of phishing were (in alphabetical order):

  • BNP Paribas
  • Credit Agricole
  • Electricité de France
  • Free
  • La Banque Postale
  • LexisNexis
  • Meetic
  • Orange
  • SFR
  • VISA France
  • Wistee

The spam volume sent from France by infected computers connected to botnets has been stable since the beginning of the year, despite a slight peak in the second quarter.

The number of new computers joining botnets is decreasing. The two main botnet families are Festi and Cutwail.

After looking at these figures, it’s no surprise that protecting one’s computer is mandatory in France just as in any other country.