USB Worm No. 1 Malware: McAfee Report


In addition, the "McAfee Threats Report, First Quarter 2010" indicated a trend of diploma spam coming from China and other Asian countries, while spammers are continuing to exploit high-profile news events, such as the Haiti earthquake, by poisoning search engines. Finally, the report found that U.S.-based servers continue to host the majority of malicious URLs.

Threats on portable storage devices rose to the top of the list as the most popular malware, evident by a rash of AutoRun infections that held the No. 1 and No. 3 spots for top five malware over the last quarter.

Security experts contend that attacks delivered via portable storage devices have experienced a revival in recent months, after being dormant for an extensive period of time.

"It's kind of like your old-school style of malware, one device to another device" said Dave Marcus, security research and communications manager for McAfee Labs. "Those were dead for the longest period of time."

Sponsored post

Password-stealing Trojans rounded out the top five malware following portable storage-based attacks, which included generic downloaders, unwanted programs and gaming software that anonymously collects statistics, according to the report. All of the top five threats remained consistently popular worldwide.

NEXT: Social Network Attacks

Marcus said that social-engineering attacks, particularly those targeting social networks, are continuing on a rapid upward trend. Password reset malware is also on the rise, as are malware such as Koobface, which is directed at specific social networks.

In addition, Marcus said that McAfee researchers have seen an upsurge of attacks targeting Twitter, including an increase in bot activity and a rise in attacks exploiting URL-shortening services.

"More and more businesses are using Twitter. The fact that you have a bot devoted to its control channel is a big deal," Marcus said.

In addition, spam levels have remained steady worldwide. China, South Korea and Vietnam are sources for a significant amount of diploma spam, which solicits forged documents to establish qualifications such as education or jobs. Meanwhile, Singapore, Hong Kong and Japan had high rates of "deliver status notification" spam, the report found, possibly indicating issues related to e-mail filtering technologies.

The McAfee report also found that Thailand, Romania, the Philippines, India, Indonesia, Colombia, Chile and Brazil received higher doses of both malware infections and spam than other nations worldwide. The findings indicate that while these countries are beginning to develop their technology infrastructures that has led to Internet expansion, widespread security awareness and deployment still lags, security experts say.

As previous trends have indicated, the report found that attackers are still leveraging major news events to poison Internet searches. The earthquakes in Haiti and Chile took the No. 1 and No. 2 spots for most popular spam subjects, followed by the Toyota recall, Apple iPad launch, and the NCAA March Madness. Specifically, cybercriminals are increasingly using analytics and page-ranking logic to put malicious sites at the top of respected search engines in an attempt to drive traffic.

"A lot of people don't realize the bad guys read the same news the good guys do," Marcus said.

And despite reports of copious malware sourced internationally, the report also showed that the U.S hosted the vast majority of new malicious URLs, totaling 98 percent. The staggering figure was due, in part, to the location of numerous Web 2.0 services provided by U.S.-based hosts.

Of the remaining 2 percent, China-based malware occupied 61 percent and Canada hosted 34 percent of malicious URLs.