McAfee Threats Report

Antivirus company McAfee released a report on threats to Q4 2012. According to the report, the focus shifted to sophisticated attacks: previously had threatened the financial industry, and now the scammers are becoming increasingly interested in other important areas of economic activity.

In the attack uses a range of new tactics and technologies that bypass the security standards in the industry.

The report also shows that the Trojans and complex threats – such as “Operation High Roller” or “Project Blitzkrieg” – continue a winning streak. The scope of the attackers who used such complex attacks, expanded: now in sight fraudsters were government agencies, manufacturing and infrastructure companies involved in commercial transactions.

“We see a shift in focus of attacks – now the sights are a number of new fields. This enterprise, corporations and government agencies, and the infrastructure that connects them – says Vincent Weafer, senior vice president of McAfee Labs. – We are witnessing the emergence of a new stage of cyberthreats. Creating malicious tools with the ability to obtain illegal profits from attractive to fraudsters of the financial sector – the factors that shaped the new growing “black market.” Now demand is cyber weapons and new creative approaches that can deceive security in various areas of the business.”

The growth in the group of Trojan malware was 72% for the quarter. The most “tidbit” confidential data to fraudsters at the moment – are user IDs and passwords. That is why the Trojans are very affordable, and at the moment, or appear as part of a specially designed complex and ready threats. Information about the Trojan Citadel, which has become known in the 4th quarter, suggesting that the possibility of malicious software in the field of information theft are used including outside the financial sector.

McAfee experts in Q4 continued to monitor the development trend of links to malicious content. Botnets as a method to spread malware are now used less often than the reference, and this trend continues. Analysis of Web threats showed that the number of new links with “suspicious” content in the 4th quarter increased by 70%. Number of new links of this nature was 4.6 million a month – almost twice more than 2.7 million per month in the previous two quarters. References in 95% contained malicious code, software or exploits. At the same time, the number of infected computers controlled by botnets decreased. This is partly due to the efforts of the authorities to eliminate botnets, but most likely, the main reason is the decline in the popularity of botnets as a business model intruders.

The malware, which aims – boot sector, has set a new quarterly record: in the 4th quarter of 2012 the volume of threats increased by 27%. IN this class is capable of taking up where it will not be able to detect standard antivirus solutions – in the boot sector. After that, this software is stealing data, download other malicious software or use the infected computer to attack other computers or networks. Despite the fact that at this point, this sphere of malicious activity has a relatively small volume in McAfee Labs expects these attacks will become one of the major trends of 2013.

The number of malware samples, signed the certificate, doubled Q4. The trend observed in this case is very clear: the culprit aware that signed malware – one of the best methods to bypass standard security measures.

In 2012, experts from McAfee Labs found 44 times more samples of malicious software for mobile devices, rather than in 2011. This means that 95% of all existing mobile malware has appeared in the past year. Cybercriminals are making best efforts to ensure that the attack based device Android: only in the 4th quarter of 2012 the number of new malware for the platform has grown by 85%. The attractiveness of mobile threats for attackers is in the value of the information that can be found on the devices of users – passwords, address books and more. In addition, mobile platform opens up new, are not available on traditional computers opportunities for “business” intruders. This includes, for example, the Trojans, which send SMS-messages to premium rate numbers without your knowledge.


Main link to news: McAfee Threats Report: Fourth Quarter 2012

Operation High Roller

Project Blitzkrieg