McAfee reports big spike in malware
A quarterly threat report found password-stealing Trojans on the rise
By Cameron Scott | Published: 09:57, 24 May 2012
PC malware had its "busiest quarter in recent history," according to McAfee's quarterly security report.
The security company registered the biggest increase in malware in four years during the first quarter of this year, bringing the total number of samples to 83 million. Fake antivirus programs declined in popularity, but software with faked security signatures, rootkits and password-stealing Trojans rose.
McAfee counted about 200,000 new examples of password-stealing Trojan horses. A Trojan horses is a stand-alone program that represents itself as some form of legitimate software.
Related Articles on Techworld
Rootkits are stealth programs designed to enable privileged access to the user's computer. The report calls rootkits "one of the nastiest classifications of malware." The Koutodoor rootkit spread fastest last quarter.
Software is "signed" by the vendor to tell users it's safe to install. A user is more likely to trust Microsoft or McAfee, for example, than an unknown vendor. Scammers capitalise on that trust when they forge the digital signature of a trusted provider in order to boost the chances of having their malware successfully installed on the user's computer.
Security researchers began to warn that forged security signatures would take off after the success of the proliferation of the Stuxnet and Duqu malware programs that used that deception.
Among botnets, Cutwail was most active during the quarter, recruiting more than a million new machines. Nearly half of all new botnet control servers were in the US.
The McAfee report also noted a dramatic increase in malware designed to attack mobile devices that run Android. The total number of identified threats to Android devices more than quadrupled in the first quarter, reaching 8,000. However, part of the bump came from improved detection, according to the report. Most mobile malware aimed at Android did not come from apps offered through the Google Play app marketplace.
The report also found that most mobile malware originated in and targeted China and Russia.
Malware targeting Apple computers also continued to rise steadily. New malware for the Mac exploded in the second quarter of 2011, but this last quarter saw the most new cases since then with about 250.