McAfee has released the McAfee Threats Report: Third Quarter 2012, which describes how cyber threats evolved during the quarter and how cyber exploits have evolved globally. In addition to statistics and trends, McAfee claims that the latest report uncovers new details of ‘Operation High Roller,’ a major attack against particular companies and banks.
According to the report, mobile malware almost doubled from the previous quarter. The report also recorded jumps in some categories of malware, including ransomware and signed binaries. Database breaches, rootkits, Mac malware, password-stealing Trojans and AutoRun malware also trended upward.
“Cybercrime exhibits few signs of slowing down,” said Vincent Weafer, senior vice president of McAfee Labs. “Though we tend to highlight the numbers, the fact is that we continue to see increased sophistication of attacks. Cybercrime, hacktivism, and cyber warfare are in a continual state of evolution. Everyone from governments to large enterprises, small business and home users are facing a wider range of digital threats from these forces, as they gain more actionable intelligence on their victims, and leverage the newest attack platforms and exploit tools to launch their campaigns. We all need to equip ourselves with basic situation awareness to our online risks and how best to prevent and combat these threats.”
Other clear trends during the quarter included an increase in ransomware, in which a computer is locked and the owner must pay a fee to have it unlocked. Malware for the Mac platform and Trojans that steal passwords continue to increase.
The clearest trends in the quarter’s report include:
Cyber-crime is spreading
Operation High Roller, as McAfee and Guardian Analytics discovered, has now spread beyond Europe. At least one major U.S. financial institution was affected during the quarter. Cyber criminals are setting up automatic transfer systems used to attack banks and financial institutions.
Ransomware continues to develop
During the third quarter, McAfee revealed a number of new unique examples of ransomware, a type of threat that, for example, encrypts a computer or a phone and then requires a payment to the criminals to unlock the information or give the person a password. This type of threat grew by 43% during the quarter, making it one of the fastest growing. Another common form is one where the computer suddenly freezes and the user is asked to visit an illegal site.
Malware ‘Zoo’ Tops 100 Million
Although the overall rate of growth of new viruses decreased slightly, the overall number in the malware “zoo” still topped 100 million samples. Mobile threats doubled and threats to the Android platform are growing rapidly. McAfee Labs now discovers an average of 100,000 new malware threats every day. Since January, signed malware has doubled, which has implications for global trust infrastructure.
Drive-by downloads arrived for Android this quarter with Android/NotCompatible.A. Similar to drive-by installs on the PC — simply visiting a site infects your computer — mobile drive-by downloads drop malware on your phone when you visit a site. A victim still needs to install the downloaded malware, but when an attacker names the file Android System Update 4.0.apk, most suspicions vanish. A new botnet client, Android/Twikabot.A, uses Twitter for control. Instead of connecting to a web server, the malware searches for commands from specific attacker-controlled Twitter accounts. The attacker can tweet commands and all infected devices will follow them. Using a service such as Twitter allows an attacker to leverage the resources of others without paying for a dedicated server or stealing one that belongs to a victim. Internet relay chat servers have been exploited in the past for similar reasons, but using the web service gives attackers a small measure of anonymity, the report says.
Databases are increasingly uncertain
The total number of vulnerabilities discovered in database systems in 2012 has already exceeded the total for all of 2011. Close to 100 new database-related vulnerabilities were discovered by McAfee or silently patched by developers this year.
Stealth Malware is growing steadily
Stealth malware, known as one of the “nastiest” classifications of malware, showed steady growth in Q3. It is among the greatest threats because of its sophisticated design and its ability to hide in different ways to avoid detection.
Web Threats increase 20 percent
Among threats from websites, messaging, and chat, the number of suspicious addresses increased by 20 percent, with many of these sites containing viruses and Trojans. Almost 64% of these newly discovered suspect URLs are located in North America.