McAfee Labs today released the McAfee Threats Report: First Quarter 2013, which found that samples of Koobface, a social networking worm first discovered in 2008, had tripled in the first quarter of 2013 (when levels had been relatively flat for the last year), and advanced persistent threats (APTs) continued to rise in number and complexity.
Other key findings from the McAfee Threats Report: First Quarter 2013 include the following:
- The first increase in global spam volume in more than three years
- Cybercriminals have re-purposed the bank account threat to steal personal information from narrowly targeted victims within organizations beyond the financial services sector
The industry should expect to see more instances of banking malware used for cyber-espionage operations within non-financial and government organizations
- A 30 per cent increase in master boot record (MBR)-related threats which includes instances of StealthMBR, TDSS, Cidox, and Shamoon malware
This category has set record highs over the last two quarters
- While the growth of mobile malware declined slightly during the quarter, Android malware saw an increase of 40 per cent in Q1
McAfee Quarterly Threat Report Sees Social Media Worm Resurgence as Spam Rises Dramatically
Targeted attacks continue to rise; pump and dump returns with record stock market highs
SANTA CLARA, Calif. June 3, 2013 McAfee Labs today released the McAfee Threats Report: First Quarter 2013, which reported a significant spike in instances of the Koobface social networking worm and a dramatic increase in spam. McAfee Labs also saw continued increases in the number and complexity of targeted threats, including information-gathering Trojans and threats targeting systems master boot records (MBRs).
McAfee Labs found almost three times as many samples of Koobface as were seen in the previous quarter, which is a high point for the social networking worm that targets Facebook, Twitter and other social networking service users. After three years of stagnation, spam email volume rose dramatically. One significant element behind this growth in North America was the return of pump and dump spam campaigns, which targeted would-be investors hoping to capitalize on all-time equity market highs. The McAfee Labs report showed the continued increases in Android malware, malicious Web URLs and overall malware samples.
But the increase in the number and sophistication of targeted advanced persistent threats (APTs) represented the most notable evolution in the threat landscape, as information becomes as valuable as money on the cybercrime landscape. The report found a 30 per cent increase in MBR-related malware and new instances of password-stealing Trojans being repurposed to capture information on individuals and organizations beyond the financial services industry.
Cybercriminals have come to appreciate that sensitive personal and organizational information are the currency of their hacker economy, said Vincent Weafer, Senior Vice President, McAfee Labs. The resurrection of Koobface reminds us that social networks continue to present a substantial opportunity for intercepting personal information. Within the enterprise, we see password-stealing Trojans evolving to become information-gathering tools for cyber-espionage attacks. Whether they target login credentials or intellectual property and trade secrets, highly-targeted attacks are achieving new levels of sophistication.
Each quarter, the McAfee Labs team of more than 500 multidisciplinary researchers in 30 countries monitors the global threat landscape, identifying application vulnerabilities, analyzing and correlating risks, and enabling instant remediation to protect enterprises and the public. This quarter, McAfee Labs identified the following developments:
Koobface Trojan: Koobface, a worm first discovered in 2008, had been relatively flat for the last year yet it tripled in the first quarter of 2013 to levels never previously seen. The resurgence demonstrates that the cybercriminal community believes that social network users constitute a very target-rich environment of potential victims.
Spam Volume: McAfee Labs found the first increase in global spam volume in more than three years. In addition to popular pump and dump scams, a surge in growth hormone offers and an escalation of spam campaigns in emerging markets accounted for category growth.
Targeted Espionage: McAfees latest analysis of the Citadel Trojan found that criminals have re-purposed the bank account threat to steal personal information from narrowly targeted victims within organizations beyond financial services. The industry should expect to see more instances of banking malware used for cyber-espionage operations within non-financial and government organizations.
MBR Attacks: The 30 per cent increase in Q1 MBR-related threats included instances of StealthMBR, TDSS, Cidox, and Shamoon malware. Key to performing startup operations, MBRs offer an attacker a wide variety of system control, persistence and deep penetration capabilities. The category has set record highs over the last two quarters.
Malicious URLs: The number of suspicious URLs increased 12 per cent as cybercriminals continued their movement away from botnets as the primary distribution mechanism for malware. Malicious websites launching drive-by downloads have the notable advantage of being more nimble and less susceptible to law enforcement takedowns.
Mobile Malware: While the growth of mobile malware declined slightly during the quarter, Android malware still managed to increase by 40 per cent.
PC Malware: New PC malware samples increased 28 per cent, adding 14 million new samples to McAfees malware zoo of more than 120 million unique malware threats.
To read the full McAfee Threats Report: First Quarter 2013, please visit http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q1-2013.pdf.
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com
McAfee Canada is headquartered in Markham, Ontario, with regional offices across Canada. The companys Consumer Software Research and Development facility is based in Waterloo, Ontario.
Note: McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.