A new Threat Report from security firm McAfee Labs released Tuesday said the company found the biggest increase in malware samples in the last four years during the second quarter. The increase: 1.5 million more malware samples since the first quarter.
The key new threats identified in the report are "drive-by downloads," the use of Twitter for control of mobile botnets, and the appearance of mobile "ransomware."
McAfee maintains a database of malware samples, which it describes as a "zoo." The number of malware samples it is discovering is approaching a phenomenal 100,000 per day. At the rate that malware is increasing, the McAfee report said, the current total of more than 90 million samples in the second quarter will "almost certainly" reach 100 million in the next quarter.
Vincent Weafer, senior vice president of McAfee Labs, said in a statement that attacks traditionally seen on PCs "are now making their way to other devices." As examples, he noted that the company found the Mac-targeted Flashback, as well as techniques such as ransomware and drive-by downloads that targeted mobile.
The key takeway, he said, is that all devices that use the Internet need to be protected.
McAfee's report noted that Android-based mobile devices continue to be the most targeted mobile platform. It found that "virtually all new mobile malware detected in Q2 2012 was directed" at that platform, in the form of SMS-sending malware, mobile botnets, spyware and destructive Trojans.
Ransomware, which has been increasing each quarter, requires owners to make a payment in order to continue having access to their photos and files on a given computer. Botnets, which send out viruses or spam via a of compromised computers, are now in a 12-month high for infections.
Among the new means of botnet control is the use of Twitter as a command-and-control device, where tweets are sent and commands are enacted by its followers -- infected devices.
There's also been growth in malware infection via thumb drives, such as the Autorun worm. In addition, McAfee has accounted for nearly 1.6 million new samples of password-stealing malware that collects account names and passwords.
Untrustworthy Web sites have also been booming. In the quarter alone, McAfee found an average of about 2.7 million new URLs for these kinds of Web sites each month -- about 10,000 new malicious domains daily. The total number of bad URLs referenced by McAfee is now over 36 million. Nearly 95 percent of those "bad sites" host malware or code that is designed to hijack computers.
Another new trend: crimeware-as-a-service, where crime syndicates offer hosting services for malware practitioners. In one such Russian-language offering noted in the report, advertised services that are allowed include spam and phishing, while child porn and fascism are not.
Amidst the depressing news, McAfee does point to a variety of major police actions in the second quarter, including the busting of an online drug market, the successful targeting of three-dozen sites that handled stolen credit card and online bank account info, and more than a dozen other successes.
Posted: 2012-09-05 @ 6:38am PT
Its sad, but true. Looking at the recent malware and virus outbreaks. And its not only limited to malwares, but trojans are also being spread all-across the internet to archive user's personal and confidential data. Later that turns-out to be a password security breach; which is not a 'wondering' moment for me because on this Cyber-world our identities and most of our information is not secured. And with this advancement in technology, and the rising numbers of cyber-wars / attacks. I'm now worried about a digital World-War.
However, for my own satisfaction and safety. I have subscribed for a virtual desktop service (aka. desktop-as-a-service). Now I operate in the virtual environment with the same OS features, and thus I am not directly venerable to these malwares, trojans and viruses. Addition to this, I can run multiple desktop-windows / Operating systems side-by-side on my Mobile, iPad, Android tablets, Laptop or PC without any need of rebooting. Its also a great solution for mobile-work force (BYOD - Bring Your Own Device) to stay remotely connected with more stronger security encryption, and if you are a Apple Macbook lover, you can get the windows and Microsoft office application on your Mac or iPad for business/presentation/spreadsheet management purposes.
This is an article that I found very interesting and informative.
Hope you'll enjoy it.