Malware continues to plague computers and mobile devices. With record levels of malware discovered and new methods of attacks now circumventing security, the third quarter of 2013 was no exception to these threats.
The McAfee Labs team identified a new class of malware that allows cybercriminals to evade digital signature apps validation on both PCs and Android-based devices, which largely contributed to the malware findings this quarter. In fact, the total amount of digitally signed malware has increased by 50% to more than 1.5 million samples documented.
Attacks against the Android operating system continue to drastically exceed those targeted at other mobile platforms, including Apple iOS. In the third quarter alone, McAfee Labs reported a one-third spike in Android-based malware, which is greater than the prior two quarters. More than 680,000 samples of Android malware have been documented this period. Below are a few of the most recent methods of attack:
- Exploit/MasterKey.A — This mobile threat is an entirely new group of Android-specific malware that bypasses a crucial section of the Android security process meant to protect installed apps — digital signature validation. App developers use digital certificates to sign their apps and verify safety. When circumvented, cybercriminals can install malware on unsuspecting victims’ devices.
- Two-part malware — Cybercriminals can discreetly install mobile malware by deploying it in smaller sections. One part can be disguised within an app, which will then pull the malicious sections toward the device by accessing the Internet. The malicious sections will then go to work, stealing information installed on the device.
- Mobile banking Trojans — The increase in banking on smartphones and tablets has led to the rise of malicious mobile banking apps. McAfee Labs has documented apps that hide on a user’s device under other names, and proceed to steal banking login information. Cybercriminals then use the information to hack the account — all without the user’s knowledge.
McAfee Labs researchers discovered a whopping 20 million new malware threats this quarter alone — the second highest amount ever recorded. There are now nearly 172 million samples locked in the McAfee Labs database.
The presence of rootkits — stealth malware that remains on a system undetected for an extended period — has rebounded for the first time since 2011, with more than twice as many new samples than last quarter.
AutoRun malware that typically hides on USB drives doubled at the start of the year and has remained a persistent threat throughout 2013. Once a USB drive with AutoRun is used, an attacker can easily take control of a user’s device.