Alert Sign Dear reader, online ads enable us to deliver the journalism you value. Please support us by taking a moment to turn off Adblock on

Alert Sign Dear reader, please upgrade to the latest version of IE to have a better reading experience


Pakistan top target of malware attacks worldwide, says Microsoft report

Updated May 05, 2016 10:18pm


Your Name:

Recipient Email:

SAN FRANCISCO: Pakistan, Indonesia, the Palestinian territories, Bangladesh, and Nepal attract the highest rates of attempted malware attacks, according to Microsoft Corp.

Countries that attracted the fewest include Japan, Finland, Norway and Sweden, reveals the Microsoft Security Intelligence (MSI) report Volume 20 for the second half of 2015.

The report assesses software vulnerabilities and exploits, malware and unwanted software with the help of sensors in systems running Microsoft anti-malware software.

Highest threat encounter rate

Pakistan, Indonesia, Bangladesh and Nepal were also among locations with the highest threat encounter rates in the first half of 2015.

Trends for the five locations with the highest encounter rates in 2H15. ─ MSI report
Trends for the five locations with the highest encounter rates in 2H15. ─ MSI report

Although there appeared to be a worldwide dip in threat encounter rates, they rose again after 2015 Q2. By the end of the year, an encounter rate of over 60 per cent was reported for Pakistan ─ the highest in the world ─ as compared to the worldwide average of just over 20pc.

Threat families found to be unusually common in Pakistan included the worm families Win32/Ippedo, which was ranked third in Pakistan but 28th worldwide, and Win32/Nuqel, which was ninth in Pakistan but 71st wordlwide.

Fifth highest infection rate

Pakistan had the fifth highest infection rate in the second half of 2015 after Mongolia, Libya, the Palestinian territories and Iraq at 71.3 Computers Cleaned per Mille (CCM). The worldwide average during this time period was 16.9 CCM.

Trends for the five locations with the highest infection rates in 2H15.
Trends for the five locations with the highest infection rates in 2H15.

Microsoft's infection rate metric, CCM, is defined as the number of computers cleaned per 1,000 unique computers by the Microsoft Malicious Software Removal Tool ─ a free tool distributed by the company's update services, which removes over 200 "highly prevalent or serious threats from computers", according to the report.

Infecting families unusually prevalent in Pakistan include the worm family Win32/Tupym ─ 13th in Pakistan, 110th worldwide ─ and the backdoor family Win32/Bifrose, which is 15th in Pakistan and 115th worldwide.

'More than 10 million attacks on identities daily'

"We look at north of 10 million attacks on identities every day," said Microsoft manager Alex Weinert, although attacks do not always succeed.

About half of all attacks originate in Asia and one-fifth in Latin America. Millions occur each year when the attacker has valid credentials, Microsoft said, meaning the attacker knows a user's login and password.

A technology known as machine learning can often detect those attacks by looking for data points such as whether the location of the user is familiar.

On average, 240 days elapse between a security breach in a computer system and detection of that breach, said Tim Rains, director of security at Microsoft.


Your Name:

Recipient Email:

Comments (30) Closed

Naseem Ahmad May 05, 2016 07:11pm

Why don't people reliase that there are free anti-virus programs which can cut these kinds of attacks, and also be alert of opening any website.

ramesh May 05, 2016 07:44pm

Most of them come from porn sites.

TK May 05, 2016 08:02pm

@ramesh ; how do you know?

Skeptic May 05, 2016 08:02pm

Such reports related to Pakistan, simply 'bug' me.

kash May 05, 2016 08:04pm


Yup agree,

saj May 05, 2016 08:09pm

@ramesh - not necessary. I have had multiple laptops running. 1 with protection, others without. I don't do porn sites, but I do a lot of downloads, software tests. I would say its people who don't know any better. Not saying porn isn't part of the problem, I wouldn't say "most of them".

Janjua May 05, 2016 08:20pm

@TK its fact. Porn sites, lucrative e-mail attachments from unknown senders infect computers.

Ednanayub May 05, 2016 08:32pm

Thats due to improper usage of pc software types and Internet.

Osman May 05, 2016 08:39pm

Indians waste no opportunity in bashing Pakistanis.

AG May 05, 2016 08:58pm

no wonder why this is happening, Pakistanis are also among the highest on google who search porn on web!!

AG May 05, 2016 08:59pm

@Naseem Ahmad Please don't, these free anti-viruses are in-fact malwares. Nothing comes free pay and be safe

Cyrus May 05, 2016 09:06pm

Don't understand. Why would that be? Are Pakistanis trying to steal from Pakistanis? Are they mad at the government? What? It's easy to hack Pakistan?

Zak May 05, 2016 09:20pm

I use Linux and all free from all win32 attacks.

Sr May 05, 2016 09:19pm

@TK it is lack of that knowledge why there is a lot of malaware attack

ramesh May 05, 2016 09:19pm

@saj agree but how many like you in Pakistan

Woz ahmed May 05, 2016 09:25pm

I think this is a result of developing countries having low bandwidth so that windows updates are not always applied.

Also much 'free' software is infested.

There is good free AV and scanning software out there, but you need to choose your sources well.

Finally the innocence of those new to the Internet is a factor.

Ehs May 05, 2016 09:27pm

Porn sites, crack sites, illegal download sites, etc. are a major source of these kind of problems.

It's important to avoid these kind of websites and have an updated anti-virus installed. Also before jumping to any conclusions guys, try to understand there are a lot of used outdated computers imported and sold in Pakistan - with many having outdated or no virus protection software installed.

Kashmiri Nationalist May 05, 2016 10:07pm

Be careful about browsing habits and suspicious files and boos security through anti malware and anti virus software people! Life can be affected if your computer is compromised. So many scams out there. Don't be a victim. Hopefully nobody is still using windows XP or other older OS.

Kashmiri Nationalist May 05, 2016 10:10pm

Malware bites, adaware and Spybot search and destroy are pretty effective programs.

Shah May 05, 2016 10:22pm

Use Adblock people, use it!

True Blue Indian May 05, 2016 10:36pm

@Osman No one bashing anyone .. It's just a report. Even India is big time victim in case of virus I had to format my laptop 3 times in 2 months

Zak May 05, 2016 10:50pm

Most of it is coming to Pakistan ( the most), Bangladesh and Nepal. I wonder which unfriendly country they border? There in lies the answer.

Naseem Ahmad May 05, 2016 11:00pm

@Osman No bhai, there is no Pakistan bashing, this is the truth that most of the viruses are attached with porn sites.

Take care.

Naseem Ahmad May 05, 2016 11:01pm

@AG I agree nothing comes for free, but all the well known brands offer free version of their software, and they do not have any viruses attached.

jamshed May 06, 2016 01:03am

@Osman And they get away as well.

khanman May 06, 2016 02:03am

@kash yoo too brutus :)

khanman May 06, 2016 02:06am

@Zak x86 proc still not safe, better shift to risc proc e.g solaris on sparc proc and then you totally safe

Waseem May 06, 2016 04:22am

Its nothing, but lack of pc usage knowledge.

anonymous May 06, 2016 10:09am

@ramesh actually porn sites are the most safest in terms of malware attacks because they are regularly checked as they want you to revisit regularly

milind May 06, 2016 10:12am

Everywhere in the world there are common reasons for increased attacks:

  1. Desire to get stuff free: Getting one thing and then sharing with everybody. If its infected, it travels. The dreaded pen drive comes to mind.

  2. Lack of knowledge and care for Privacy and security.

  3. Use of public internet access points like cyber cafes which act as distribution centers. Happens more in developing countries as people owing personal computers with reliable internet connections is lower.