March 10, 2014
McAfee released the McAfee Labs Threats Report: Fourth Quarter 2013, which details several notable trends, including the role of the cybercrime industry as a key enabler of high-profile point-of-sale (POS) attacks and data breaches that took place in the fall of 2013. Report highlights include:
The cybercrime industry and its role in POS attacks. The cybercrime industry was complicit in making these attacks possible, from the purchase of POS malware to the anonymous sale and monetization of stolen credit card numbers.
Malicious signed binaries: Can we trust the Certificate Authority model? For many quarters, McAfee Labs researchers have chronicled the rapid rise of malicious signed binaries. With more than 8 million now cataloged, trust in the Certificate Authority model is eroding. The security industry needs to help users understand which certificates can be trusted.
Microsoft Office zero-day exploit discovered by McAfee Labs. In November 2013, McAfee Labs discovered a zero-day exploit that attacks a vulnerability in Microsoft Office. It is the first known zero-day exploit of the .docx format. Our report describes how we unpacked the exploit, worked with Microsoft to develop a patch for it, and built defenses into McAfee products to stop it.
The march of mobile malware continues. As with malicious signed binaries, we track the rapid growth in mobile malware: 2.4 million new mobile malware samples were added in 2013, up 197% from 2012. This quarter, we explore what appears to be a relationship between apps that “overcollect” mobile device telemetry and apps that contain or enable malware.
The infographic below highlights key facts and figures discussed in the report. Read the full McAfee Labs Threats Report: Fourth Quarter 2013.