
McAfee Threats Report: Second Quarter 2011 – 1st Section

IRCRE201109077
Date: 2011-09-23
McAfee Labs has studied the security threats of the second half of 2011 in a report. The following is a brief of the first section of that report.

Mobile Threats

This quarter Android OS-based malware became the most popular target for mobile malware developers. That’s a rapid rise for Android, which outpaces second place Java Micro Edition threefold.

Mobile threats already take advantage of exploits, employ botnet functionality, and even use rootkit features for stealth and permanence.

Maliciously modified apps are still a popular vector for infecting devices: Corrupt a legitimate app or game and users will download and install malware on their smartphones by themselves. Infiltrating popular modified apps this quarter were the malware Android/Jmsonez.A and Android/Smsmecap.A, and the Android/DroidKungFu and Android/DrdDreamLite families.

Malware Threats

The malware landscape this quarter has presented us with several surprises. Although numerically not the busiest period in history, when combined with the first quarter we have the busiest-ever first half-year in this vector. The increase is 22 percent over 2010! McAfee Labs identified almost six million unique malware samples during this quarter. This puts us on track for our cumulative malware “zoo” collection to reach 75 million samples by year’s end.

Just to reinforce how significant the growth has been during the last several years, here is a look at the monthly incremental growth of unique malware binaries:

We now collect on average almost two million new samples every month. This is certainly not a welcome development, but it is consistent and predictable considering how our business and private lives are now tethered to technology.

Among the specific families we track, fake anti-virus software continues to show consistent growth and has even begun to climb aboard a new platform: the Mac. You read that right; fake-AV for Apple’s platform is now a reality. This does not surprise us at McAfee Labs. There are more Mac users than ever before. This puts the Apple platforms squarely in the crosshairs of malware authors. It will be interesting to see if this type of malware makes its way to the iPhone and iPad as well.

Generic password-stealing Trojans declined just a bit this quarter, while AutoRun malware was greatly reduced. Koobface threats dropped to the lowest levels in years.

Rootkits and Stealth Malware

Another malware category demonstrating recent steady growth is the rootkit. A rootkit (sometimes called stealth malware) is code that hides its elements from the operating system and security software. Cybercriminals use rootkits to make other malware stealthier and more persistent. The better hidden the malware is, the longer it will remain on the system and engage in its malicious activity. As you can see from the following chart, rootkits are on the rise overall. The first half of 2011 was comparable to malware overall: Rootkits have seen their busiest-ever six months, up almost 38 percent over 2010! Two of the busiest rootkits that we encounter are Koutodoor and TDSS. Both are nasty and hide malware to steal data.

Adobe Outpaces Microsoft in Attracting Exploits

For several quarters, one of the major trends we’ve seen is that malware authors prefer to write exploits that target vulnerabilities in Adobe products. This trend does not prove that Adobe’s technologies are more vulnerable or have more coding bugs than Microsoft’s. Rather, Adobe is one of the clear leaders in worldwide client applications, and this leadership is what drives malware authors and cybercriminals: They target what is popular and in wide use. The following chart shows the malware McAfee Labs has seen this quarter that attempts to exploit vulnerabilities in Adobe and Microsoft products.

Resource:
McAfee Threats Report: Second Quarter 2011, McAfee Labs

Created: 25 Bahman 1390
