McAfee Threats Report:Fourth Quarter 2011– 1st Section


Date: 2012-03-12

The McAfee Labs has studied the security threats of the final quarter of 2011 in a report. The following report is briefing that report.
Mobile Threats
This quarter we saw Android firmly fixed as the largest target for writers of mobile malware. Like the PC, mobile platforms suffer from commercial spyware and adware. In total numbers, both 2011 and the fourth quarter were by far the busiest periods for mobile malware we have yet seen.
Much of the Android malware has been for-profit SMS-sending Trojans, which benefit cybercriminals by hijacking phones to send messages that cost their owners money. With Android/Arspam, instead of submitting the app to the Android Market, the authors uploaded the malware to a number of Arab-language discussion forums. This version sends SMS messages relating to a key figure whose death led to the start of the uprising in Tunisia. Members of the discussion forums, instead of reformatting their phones to remove the malware, forwarded the Trojan to other like-minded individuals and spread the message.

The overall growth of PC-based malware continued to decline throughout the quarter and is significantly lower than last year at this time. But don’t get complacent. The cumulative number of unique malware samples in our collection still exceeds the 75 million mark, as we predicted in our last report.

The TDSS family of rootkits, despite slowing this quarter, still represents more than half of all rootkitmalware. Rootkits, or stealth malware, are one of the nastiest classifications of malware we see; they have a heavy influence on almost all other areas of malware. Rootkits are designed to evade detection and “live” on a system for a prolonged period. As we see in the graph below, the numbers of TDSS are still growing.

Elsewhere we see flat growth, as with Koutodoor, and a decline in the rate that all rootkits appear.

Each quarter we also track fake antivirus (or fake alert or rogue security software) and AutoRun software, along with password-stealing Trojans. Fake AV has dropped considerably from the prior quarter but it’s still one of the most popular forms of malware. AutoRun and password-stealing banking Trojan malware show modest declines.

In contrast to the second-quarter spike, fake AV on the Mac is once again practically nonexistent.
Related Links:
McAfee Threats Report: Fourth Quarter 2011

The Wall

No comments
You need to sign in to comment