McAfee Labs researchers today announced a surge in malware samples
this year - particularly threats that take advantage of mobile networks
to launch drive-by downloads, control botnets using Twitter and spread
ransomware that locks down infected machines and demands payments from
users.
The Santa Clara-based company released its Q2 Threat Report,
in which its researchers say they've unearthed 1.5 million new pieces
of malware this year, or an average of nearly 100,000 malware samples a
day. More and more malicious code is targeting Google's Android OS,
though Apple users are far from immune. More than 100 new
Mac-oriented samples were discovered last quarter.
"Attacks that
we've traditionally seen on PCs are now making their way to other
devices. For example, in Q2 we saw Flashback, which targeted Macintosh
devices and techniques such as ransomware and drive-by downloads
targeting mobile," said the Labs' senior vice president, Vincent Weafer,
in a prepared statement.
The findings in today's report come from McAfee Labs' 350 researchers scattered across 30 countries.
Among the emerging threats gaining traction is "signed malware," in which
attackers attempt to evade detection and make victims more likely to open
a file by signing it with stolen certificates. "In our 2012 Threats
Predictions we predicted that this technique, likely inspired by the
success of Duqu and Stuxnet, would rise in 2012. That opinion seems to
be a successful example of crystal-ball gazing," researchers wrote in
the quarterly report.
The past quarter was also the busiest ever
for ransomware, which holds part or all of a victim's data hostage and
demands anonymous payment methods to restore it.
"Ransomware is
particularly problematic because the damage is instant and commonly a
machine is rendered completely unusable. So not only is the victim’s
data destroyed, but some of the victim’s money is also gone if he or she
attempts to pay the attacker’s ransom. And although it is a personal
disaster for a home user to lose years’ worth of data, pictures, and
memories, the situation can be much worse in an enterprise if the
malware encrypts all the data that a victim has write-access to on a
corporate network," the report states. The authors advise users to
be careful opening file attachments and back up systems regularly.
Enterprise-level admins should consider establishing access protection
rules in their security products.
Botnets reached a 12-month high
last quarter, with more attackers using Twitter to send out commands and
get all infected devices to follow them. Additionally, thumb drives
containing malware - particularly password-stealing code - remain a
popular conduit to infect machines.
Spam's growth rate slowed in
most parts of the world, with the exceptions being Colombia, Japan,
South Korea and Venezuela. Among those with more than 10 percent growth
in spam, social media proved a useful channel to peddle adult products,
drugs, lonely women and phishing scams.
More Web sites that host
malware are gaining bad reputations. "Reputations can be based on full
domains and any number of subdomains, as well as on a single IP address
or even a specific URL. Malicious reputations are influenced by the
hosting of malware, potentially unwanted programs, or phishing sites.
Often we observe combinations of questionable code and functionality.
These are several of the factors that contribute to our rating of a
site’s reputation. By the end of June, the total number of bad URLs
referenced by our labs overtook 36 million! This is equivalent to 22.6
million domain names."
The authors note that their figure is at odds with the 9,500 new malicious web sites Google announced in a June blog post.
Courtesy of Anne Saita