McAfee Threats Report: First Quarter 2013
McAee Labs researchers have analyzed the threats o the rst quarter o 2013 and recognized several amiliar trends:steady growth in mobile malware and a rapid increase in general malware, including Facebook threat Koobace, AutoRunmalware, and stealth malware that attacks the master boot record (MBR). Worldwide spam doubled during the quarter—as it makes a comeback ater more than a year o decline.Narrowly targeted attacks ocused on the nancial sector, but one came with a twist. Our analysis o the Citadel Trojanshows that cybercriminals have ound a way to turn this traditional bank-account threat into the broader thet o personalinormation rom narrowly targeted victims in certain countries. Will the attackers use this data in the uture?Our count o mobile malware samples, just about exclusively or the Android OS, continues to skyrocket. Almost30 percent o all mobile malware appeared this quarter. Malicious spyware and targeted attacks highlighted the latestassaults on mobile phones.All malware that we track—aecting clients, servers, networks, mobiles—now stands at more than 128 million samples.That gure has climbed steadily or ages and quite rapidly during the last two quarters. Koobace, along with AutoRun,ransomware, and MBR threats, were the leaders this period. With ransomware, cybercriminals hold a system hostage andinsist on payment to unlock a computer. But will they ree the machine ater the victim pays? There are no guarantees, andanonymous payment systems make it basically impossible to track their movements. MBR threats can remain on a systemor a long time without the victim’s knowledge and download other orms o malware.The McAee Global Threat Intelligence
network tells us that IP addresses in the United States are again both the sourceand the target o most malicious network activity. Browser-based attacks, such as hidden irames and malicious Java code,are the most common type.Our analysis o web threats ound that the number o new suspicious URLs, mostly in the United States, increased by12 percent this quarter. New phishing attacks aimed primarily at online auctions and nancial targets. One o the biggeststories this quarter is the increase in spam ater more than a year o decline. We counted 1.9 trillion messages in March.That’s lower than record levels but about twice the volume o December 2012.Cybercriminals continue to develop and market crimeware tools, which make it easy or inexperienced scammers to jointhe ranks and exploit victims. The European Union’s new European Cybercrime Centre was instrumental in aiding lawenorcement to arrest and prosecute online criminals. Hacktivists raised the possibility o using denial-o-service attacks aslawul means to support their ends. We also examine the eorts o cyberarmies during the quarter. These groups usuallyarise in countries that limit personal liberties and claim to act on behal o their governments.