Mobile “Drive-by Downloads”, Use of Twitter for Control of Mobile Botnets, and Mobile “Ransomware” Among the Latest Trends
SANTA CLARA, Calif. – September 4, 2012 – McAfee today released the McAfee Threats Report: Second Quarter 2012, which found the biggest increase in malware samples detected in the last four years. McAfee Labs detected a 1.5 million increase in malware since Q1 2012 and identified new threats such as mobile “drive-by downloads”, the use of Twitter for control of mobile botnets, and the appearance of mobile “ransomware”.
Through proprietary research and investigation, McAfee Labs has been witness to rapid growth in its database or “zoo” of malware samples. With the malware sample discovery rate accelerating to nearly 100,000 per day, McAfee has identified key malware variants affecting a range of users globally.
“Over the last quarter we have seen prime examples of malware that impacted consumers, businesses, and critical infrastructure facilities,” said Vincent Weafer, senior vice president of McAfee Labs. “Attacks that we’ve traditionally seen on PCs are now making their way to other devices. For example, in Q2 we saw Flashback, which targeted Macintosh devices and techniques such as ransomware and drive-by downloads targeting mobile. This report highlights the need for protection on all devices that may be used to access the Internet.”
Malware on the rise
As PC malware writers master their craft, they continue to transfer their skills to other popular consumer and business platforms, such as Google’s Android OS. After the mobile malware explosion in Q1 2012, Android malware shows no signs of slowing down, putting users on high alert. Virtually all new mobile malware detected in Q2 2012 was directed at the Android platform, and was comprised of SMS-sending malware, mobile botnets, spyware and destructive Trojans.
Mobile ransomware and botnets: the latest cybercrime fads
Ransomware, steadily increasing quarter over quarter, has become a popular avenue for cybercriminals. Damage can range from loss of photos and personal files for home users to data encryption and demands for money for large enterprises. Ransomware is especially problematic as it can hold computers and data hostage, instantly damaging machines.
Botnets, a network of compromised computers infected with malicious software and used to generate spam, send viruses or cause Web servers to fail, have also taken center stage again this quarter with infections reaching a 12-month high. With the U.S. as the global hub of botnet control servers, new methods for control have also been uncovered, including the use of Twitter for mobile botnet command and control. As such, the attacker can tweet commands with relative anonymity and all infected devices will follow them.
Thumb drive corrupters, password stealers and web threats
Thumb drive and password-stealing malware showed significant growth in Q2. At nearly 1.2 million new samples, the AutoRun worm spreads from thumb drives by executing code embedded in AutoRun files, repeating the process on any and all drives discovered. Password-stealing malware, at nearly 1.6 million new samples, collects account names and passwords, so an attacker can pose as the victim.
Websites with malicious reputations are influenced by the hosting of malware, potentially unwanted programs, or phishing sites. This quarter McAfee Labs recorded an average of 2.7 million new bad URLs per month. In June, these new URLs were related to about 300,000 bad domains, which is equivalent to 10,000 new malicious domains every day. Of the new bad-reputation URLs, 94.2 percent host malware, exploits or code that have been specifically designed to hijack computers.
Each quarter, the McAfee Labs team of 500 multidisciplinary researchers in 30 countries follows the complete range of threats in real time, identifying application vulnerabilities, analyzing and correlating risks, and enabling instant remediation to protect enterprises and the public. To learn more about the rise in malware in the full copy of the McAfee Threats Report, Second Quarter 2012, please visit http://www.mcafee.com/ca/resources/reports/rp-quarterly-threat-q2-2012.pdf.
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe. http://www.mcafee.com
Note: McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.