McAfee Sees Biggest Malware Increase In Four Years


McAfee says their latest research into malware has identified the biggest increase in malware samples detected by the company in the last four years. New trends include mobile “drive-by downloads”, the use of Twitter for control of mobile botnets and the emergence of mobile “ransomware.”

According to the McAfee Threats Report: Second Quarter 2012, McAfee Labs detected a 1.5 million increase in malware since the first quarter of this year alone, as well as a malware sample discovery rate that is accelerating to nearly 100,000 per day.

Meanwhile, the BYOD phenomenon continues to open up new attack vectors, frequently because devices brought in from outside the enterprise are often improperly secured, or are used to access questionable Web resources. This vulnerability appears to be especially acute among devices that use Google's Android OS, given that this platform continues to be highly targeted by malware authors.

 

[Related: FireEye Study: Evasive Malware Rises Nearly 400 Percent]

According to McAfee, virtually all new mobile malware detected in second quarter 2012 was directed at the Android platform, and it was comprised of SMS-sending malware, mobile botnets, spyware, Trojans and even mobile ransomware, which is solidifying its place as a new tool in the criminal arsenal. While the damage from this attack vector can often be more personal in nature, ransomware can also be used to damage equipment and hold data hostage, as its name would imply.

"Cyber criminals are actually getting very creative at avoiding detection," said Pat Calhoun, senior vice president and general manager, network security for McAfee. "They are also getting a lot better at identifying exactly what they want to go after. It's no longer about mass disruption. It's much more about going after highly targeted information or individuals. And, a lot of the technology that they are leveraging is helping them to do that. Social media for example, is useful tool to them."

Calhoun explained that attackers can often use social media to generate lists of people whom users know and trust. "For example, if I can hack into your social media, I can find out who you are, who your friends are, and what your interests are. I could then craft an email that looks like it comes from one of your friends that includes a document that contains malware. But, I can make it look legit based on my knowledge of your friend and what your mutual interests would be."

Meanwhile, botnet infections have reached a 12-month high, with the United States emerging as the global leader in hosting botnet command-and-control servers. Criminals have also begun using Twitter to support mobile botnet command-and-control.

NEXT: Increases In Malicious Domains