McAfee Finds Second Quarter Surge in Malware

Hackers targeting PCs as well as mobile devices

Cyberspace isn't getting any safer. Computer security firm McAfee reports finding the largest increase in malware samples in the last four years during the second quarter of 2012.

That amounts to a 1.5 million increase in malware from the first quarter of the year. The McAfee Threats Report also found some significant changes in the nature of the threats.

"The key things that stood out were the emergence of mobile (Android) 'drive-by downloads' as a new attack vector, the use of Twitter for control of mobile botnets and the appearance of mobile 'ransomware' as the newest way of extracting funds from unsuspecting victims," the report said. "Much of the growth and rebound in malware and threats we saw last quarter has continued strongly."

More threats against PCs

Despite the emergence of new mobile threats, the report found that in the last quarter PC malware had its busiest period in recent history. There was significant growth in established rootkits but a slowdown in others.

Almost all of the families of malware the company said it examined continue to reach new levels, with activity among password-stealing Trojans particularly strong. McAfee's "zoo" of malware sample has accelerated rapidly, to the point where it is now adding nearly 100,000 new samples per day. These variants are quickly spreading around the globe.

"Over the last quarter we have seen prime examples of malware that impacted consumers, businesses, and critical infrastructure facilities," said Vincent Weafer, senior vice president of McAfee Labs. "Attacks that we've traditionally seen on PCs are now making their way to other devices. For example, in Q2 we saw Flashback, which targeted Macintosh devices and techniques such as ransomware and drive-by downloads targeting mobile. This report highlights the need for protection on all devices that may be used to access the Internet."

Ransomware

Ransomware may be the most frightening emerging threat. When it contaminates a device it can take control of personal files and not allow the owner free access again until after they have made a payment.

Botnets, a network of infected computers used to generate spam, send out viruses and in some cases can cause Web servers to fail. McAfee says they reached a 12-month high in the second quarter. With the U.S. as the global hub of botnet control servers, new methods for control have also been uncovered, including the use of Twitter for mobile botnet command and control. That allows the attacker to tweet commands with relative anonymity and all infected devices will follow them.

Declining spam

Spam is becoming less of a problem. The report found that only Colombia, Japan, South Korea, and Venezuela showed an increase greater than 10 percent. The U.S., meanwhile, remains the world's biggest host of malicious Web content.

The United States is often the biggest originator and victim of a variety of threats," the authors wrote. "The Web is a dangerous place for the uninformed and unprotected."

How they voted

Yes

Yes