Security specialist McAfee released the McAfee Threats Report:
Second Quarter 2011, showing that the amount of malware targeted at
Android devices jumped 76 percent since last quarter, to become the
most attacked mobile operating system. This year has also resulted in
the busiest ever first half-year in malware history, including a
first-ever appearance of Mac fake AV and a significant uptick in
rootkits, suggesting that McAfee’s comprehensive malware “zoo”
collection will reach a record 75 million samples by the year’s end.
The report also details specific activity shaping the way
cyber-criminals operate, such as cyber-crime “pricebooks” that
determine the going rate for large email address lists, and acts of
hacktivism and cyberwar. With an approximate 12 million unique samples
for the first half of 2011, a 22 percent increase over 2010, this has
been the busiest first half-year in malware history. With the addition
of Q2’s numbers, the grand total of total malware samples in McAfee’s
database has reached approximately 65 million, and McAfee researchers
estimate that this “Malware Zoo” will reach at least 75 million samples
by the year’s end.
“This year we’ve seen record-breaking numbers of malware, especially
on mobile devices, where the uptick is in direct correlation to
popularity,” said Vincent Weafer, senior vice president of McAfee Labs.
“Overall attacks are becoming more stealth and more sophisticated,
suggesting that we could see attacks that remain unnoticed for longer
periods of time. High-profile hacktivist groups have also changed the
landscape by drawing a line between attacks for personal gain and
attacks meant to send a message.”
With the vast amount of personal and business data now found on
user’s mobile phones, mobile malware is steadily increasing, often
mimicking the same code as PC-based threats. In the second quarter of
2011, Android OS-based malware surpassed Symbian OS for the most
popular target for mobile malware developers. While Symbian OS and Java
ME remain the most targeted to date, the rapid rise in Android malware
in Q2 indicates that the platform could become an increasing target for
cyber-criminals – affecting everything from calendar apps, to comedy
apps to SMS messages to a fake Angry Birds updates.
Another malware category that is demonstrating recent steady growth
is stealth malware. The tactic of hiding malware in a rootkit is used
by cyber-criminals to make malware stealthier and more persistent, and
has seen this type of attack gain in prominence over the past year,
with high-profile attacks such as Stuxnet. Stealth malware has
increased more rapidly in the last six months than in any previous
period, up almost 38 percent over 2010.
Though spam is still at historic low levels, due in part to the
Rustock takedown, McAfee Labs still expects to see a sharp rise in
activity over the coming months. A common method for cyber-criminals to
increase their volume of spam activity is to purchase a bulk list of
emails in order to flood as much spam as possible to a widespread group
of people. Whether it’s a botnet or a rental service, prices vary for
such enterprises, often by location. For instance, in the United
States, the going rate for 1 million emails is $25, whereas in England
1.5 million emails are worth $100.