McAfee today released the McAfee Threats Report: Second Quarter
2011, showing that the amount of malware targeted at Android devices
jumped 76 percent since last quarter, to become the most attacked
mobile operating system.
2011 has also resulted in the busiest ever first half-year in
malware history, including a first-ever appearance of Mac fake AV
and a significant uptick in rootkits.
"This year we've seen record-breaking numbers of malware, especially
on mobile devices, where the uptick is in direct correlation to
popularity," said Vincent Weafer, senior vice president of McAfee
Labs. "Overall attacks are becoming more stealth and more
sophisticated, suggesting that we could see attacks that remain
unnoticed for longer periods of time. High-profile hacktivist groups
have also changed the landscape by drawing a line between attacks
for personal gain and attacks meant to send a message."
McAfee's report also details specific activity shaping the way
cybercriminals operate, such as cybercrime "pricebooks" that
determine the going rate for large email address lists, and acts of
hacktivism and cyberwar.
With an approximate 12 million unique samples for the first half of
2011, a 22 percent increase over 2010, this has been the busiest
first half-year in malware history. With the addition of Q2's
numbers, the grand total of total malware samples in McAfee's
database has reached approximately 65 million, and McAfee
researchers estimate that this "Malware Zoo" will reach at least 75
million samples by the year's end.
With the vast amount of personal and business data now found on
user's mobile phones, mobile malware is steadily increasing, often
mimicking the same code as PC-based threats. In the second quarter
of 2011, Android OS-based malware surpassed Symbian OS for the most
popular target for mobile malware developers. While Symbian OS and
Java ME remain the most targeted to date, the rapid rise in Android
malware in Q2 indicates that the platform could become an increasing
target for cybercriminals - affecting everything from calendar apps,
to comedy apps to SMS messages to a fake Angry Birds updates.
There are more Mac users than ever before, and as organizations
increasingly adopt Macs for business use, Apple now has become more
a target for malware authors. Though historically the Apple platform
has been unaffected by fake anti-virus (fake AV) software, activity
in Q2 indicates that it is now being affected. Although this type of
fake AV is the first of its kind, McAfee Labs does expect fake AV in
general will drop off over time.
Another malware category that is demonstrating recent steady growth
is stealth malware. The tactic of hiding malware in a rootkit is
used by cybercriminals to make malware stealthier and more
persistent, and has seen this type of attack gain in prominence over
the past year, with high-profile attacks such as Stuxnet. Stealth
malware has increased more rapidly in the last six months than in
any previous period, up almost 38 percent over 2010.
Acts of hacktivism, primarily from the groups Anonymous and LulzSec,
were among some of the most prominent cyber news generators for Q2.
The report details hacktivist activity from Q2, with at least 20
global attacks reported in Q2 alone, and with the majority allegedly
at the hands of LulzSec. The report also outlines acts of cyberwar
that occurred in Q2, including attacks on United States - Oak Ridge
National Laboratory, and an attack on South Korea's National
Agricultural Cooperative Federation.
Though spam is still at historic low levels, due in part to the
Rustock takedown, McAfee Labs still expects to see a sharp rise in
activity over the coming months. A common method for cybercriminals
to increase their volume of spam activity is to purchase a bulk list
of emails in order to flood as much spam as possible to a widespread
group of people. Whether it's a botnet or a rental service, prices
vary for such enterprises, often by location. For instance, in the
United States, the going rate for 1 million emails is $25, whereas
in England 1.5 million emails are worth $100.