Surge in Malware and Drop in Spam: McAfee

McAfee has released the McAfee Threats Report: First Quarter 2011. With six million unique samples of recorded malware, Q1 2011 was the most active first quarter in malware history.

The report, released today (June 1), revealed many of the trends that had a significant impact on the threat landscape, such as the takedown of the Rustock botnet, which resulted in spam remaining at its lowest levels since 2007, and confirmed that mobile malware is the new frontier of cybercrime.

“The Q1 Threats Report indicates that it’s been a busy start to 2011 for cybercriminals,” said Vincent Weafer, senior vice president, McAfee Labs.

“Even though this past quarter once again showed that spam has slowed, it doesn’t mean that cybercriminals aren’t actively pursuing alternate avenues. We’re seeing a lot of emerging threats, such as Android malware and new botnets attempting to take over where Rustock left off, that will have a significant impact on the activity we see quarter after quarter.”

With more than six million unique malware samples in Q1, this period far exceeds any first quarter in malware history. February 2011 saw the most new malware samples of the quarter, at approximately 2.75 million samples.

Fake anti-virus software had a very active quarter as well, reaching its highest levels in more than a year, totaling 350,000 unique fake-alert samples in March 2011.

Malware no longer affects just PCs. As Android devices have grown in popularity, the platform solidified its spot as the second most popular environment for mobile malware behind Symbian OS during the first three months of the year.

Meanwhile, China received about 64% of the world’s mobile attacks on Android devices in the first quarter of 2011, according to a mobile security report released by NetQin Mobile Inc., a mobile security services company. Ranked second on the list is the US with 7.6%, followed by Russia, India, and Indonesia respectively with 6.1%, 3.4% and 3.2%. NetQin warns that Android users are facing more severe mobile challenges than ever.

A McAfee Labs mobile application security whitepaper, released today in conjunction with this McAfee Threats Report, discusses how most Android devices allow the “side-loading” of apps and are not restricted to getting them from a centralized app store, and there is no centralized place where Google can check all apps for suspicious behavior.

The cybercriminals behind the Zeus crimeware toolkit have also directed attacks toward the mobile platform, creating new versions of Zitmo mobile malware for both Symbian and Windows Mobile systems to steal user bank-account information, says McAfee.

Spam may be at its lowest levels in years, but many botnets are in a position to fill the gap left by the decline of Rustock and Zeus. The competition includes Maazben, Bobaz, Lethic, Cutwail and Grum.

Cybercriminals often disguise malicious content by using popular “lures” to trick unsuspecting users. Spam promoting phony or real products was the most popular lure in most global regions.

In Russia and South Korea, drug spam was the most popular, and in Australia and China, fake delivery status notifications were among the most popular. Q1 also brought a new trend among “banker” Trojans, malware that steals passwords and other data: their spam campaigns use popular lures such as UPS, FedEx, USPS and the IRS.

McAfee Labs saw some significant spikes in malicious web content that corresponded with high-impact news events such as the Japanese earthquake and tsunami and major sporting events, with an average of 8,600 new bad sites per day.

In the same vein, within the top 100 results of each of the daily top search terms, nearly 50 percent led to malicious sites, and on average contained more than two malicious links.

McAfee, a wholly owned subsidiary of Intel Corporation, is a dedicated security technology company.

RMN News

Rakesh Raman