فا

‫ McAfee Threats Report: Third Quarter 2011 – 1st Section

IRCRE201111082
Date: 2011-11-27
The McAfee Labs has studied the security threats of the third half of 2011 in a report. The following report is briefing that report.
Mobile Threats
Last quarter the Android mobile operating system became the most “popular” platform for new malware. This quarter Android became the exclusive platform for all new mobile malware. The Symbian OS (for Nokia handsets) remains the platform with the all-time greatest number of malware, but Android is clearly today’s target.
Premium-rate SMS-sending Trojans continue to be attractive to malware authors. The Android/Wapaxy, Android/LoveTrp, and Android/HippoSMS families are new versions of premium-rate SMS Trojans that sign up victims to subscription services. The malware also cleverly deletes all subscription confirmation messages received so that the victim remains unaware of the activity, and the attacker makes more money.
Maliciously modified apps made up a good portion of mobile malware this quarter. The Android/PJApp family sends SMS messages, too, but also collects sensitive information from the phone.
In an interesting turn, Android malware has begun a new method of stealing information from users: by recording their phone calls. Two examples are Android/NickiSpy.A and Android/GoldenEagle.A, both of which record user conversations and forward them to the attacker. Attackers can’t be sure that the first one or two calls have the information they seek, so these malware remain on the devices for extended periods without being detected; that’s a very persistent threat indeed!
Another technique for stealing information is to use root exploits to gain access to system databases. This allows attackers to break free of the application sandbox that Android would normally make them sit in, and allows attackers access to all of the phone’s data and operations. The Android/DroidDeluxe and Android.ApkMon families try to gain root access to read system files. We expect this trend to continue as it has proved useful for years on other platforms.
As you can see in the next chart, mobile malware growth in 2011 is firmly on target to exceed last year’s and become the busiest year in mobile malware’s short, but interesting, history.
And Android is the top target of today’s mobile malware authors.
Malware Threats
The overall growth of malware declined slightly during this quarter compared with last quarter but remains about equal with last year’s pace at the same time of year. Third-quarter growth has been slower than the second quarter’s for the last two years; maybe malware writers take vacations like the rest of us. But we warn you not to get complacent—because the cumulative malware number has exceeded the 70 million mark. We predicted this figure last year. We expect to count around 75 million unique malware samples by year’s end.
Despite the fact that their overall numbers are slightly down, we saw interesting development in rootkits in general. Rootkits, or stealth malware, are one of the nastiest threats we face. They are designed to evade detection and thus “live” on a system for prolonged periods. The next graph shows that the overall numbers are again on a growth curve.
Let’s catch up on some of our other “favorite” malware: Fake AV, AutoRun, and password-stealing Trojans. Fake AV, also known as fake alert or rogue security software, has bounced back strongly from previous quarters, while AutoRun and password stealers remain at relatively constant levels.
Previously considered almost a misnomer, Mac malware continues to show a bit of growth—although this can be deceptive. When we look at a chart of overall malware growth for the Mac, the trend appears unremarkable.
Related Links:
References:
McAfee Threats Report: Third Quarter 2011

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

مشخصات خبر

 
تاریخ ایجاد: 25 بهمن 1390

برچسب‌ها

امتیاز

امتیاز شما
تعداد امتیازها: 0