Sophos Security Threat Report 2012 Identifies Decline in Fake Antivirus Threats, but Increase in Infected Websites

Popular security firm Sophos has published its annual security report, which analyzes the major security trends of the year gone by. The latest report dives into the various security threats that we witnessed in 2011.

Sophos dubbed 2011 the year hacking evolved from being a way to steal money to a form of protest. The first year of the new decade witnessed Anonymous and its offshoot LulzSec capture public imagination and dominate headlines. It also saw an increase in data theft, drive-by infections, and malware for Mac.

The full report, which spans 31 pages, is available for download or online viewing from Sophos’ website. Here are some of the key takeaways.

  • Since 2005, security breaches have compromised more than 500 million U.S. records alone.
  • In 2010, the costs of a data breach reached $214 per compromised record, and averaged $7.2 million per data breach event.
  • More than three years after its initial release, the Conficker worm was still the most commonly encountered piece of malicious software, representing 14.8% of all infection attempts seen by Sophos customers in the last six months.
  • There has been a sharp decline in the threat posed by fake antivirus products, but they were still responsible for 5.5% of infections in the last six months of 2011.
  • As a result of the Rustock botnet shutdown (previously responsible for the largest volume of spam), there was an immediate drop of about 30% in global spam volumes in March 2011. Unfortunately, Sophos Labs also witnessed an increase in the volume of spam with attached malware.


  • According to Sophos Labs, more than 30,000 websites are infected every day and 80% of these infected sites are legitimate. Eighty-five percent of all malware, including viruses, worms, spyware, adware and Trojans, comes from the web. Today, drive-by downloads have become the top web threat. And in 2011, we saw one drive-by malware rise to number one, known as Blackhole.
    About 10% of detections are exploit sites, about two-thirds of which are Blackhole sites.


  • 2011 saw the emergence of Mac malware as a genuine threat. Fake antivirus schemes such as MacDefender, Mac Security, MacProtector and MacGuard all came to light this year.
  • Windows may be the most attacked OS, but the primary vectors for hacking Windows have been PDF or Flash.

Published by

Pallab De
