Menu
McAfee Labs pinpoints four Q3 threats areas

McAfee Labs pinpoints four Q3 threats areas

Quarterly report indicates growth in Android malware, signed malware, spam, and virtual currencies

Security vendor McAfee’s research arm, McAfee Labs, has identified growth across four threat trends in the third instalment of its quarterly reports for 2013, including Android-based malware, signed malware, spam, and virtual currencies.

Almost 700,000 new malware samples aimed at the Android platform were catalogued in the third quarter of the year, accounting for an increase of more than 30 per cent.

McAfee Labs claims this is driven at least partially by a new category of Android malware, titled Exploit/MasterKey.A, which allows attackers to bypass the digital signature validation of applications, a key component of the Android security process.

Researchers have also found a new class of Android malware that, once installed, downloads a second-stage payload without the user’s knowledge.

“The efforts to bypass code validation on mobile devices, and commandeer it altogether on PCs, both represent attempts to circumvent trust mechanisms upon which our digital ecosystems rely,” McAfee Australia and New Zealand (A/NZ) enterprise solutions architect, Sean Duca, said.

“The industry must work harder to ensure the integrity of this digital trust infrastructure given these technologies are becoming even more pervasive in every aspect of our daily lives.”

On the signed malware front, McAfee Labs reports an increase of nearly 50 per cent. It claims this is due to cybercriminals being aware that binaries signed using a certificate from a known Certificate Authority (CA) is immediately deemed valid. As a result, attackers are signing an ever-increasing fraction of malicious payloads using either stolen certificates or certificates sourced from rogue CA vendors.

In October, McAfee Labs reported that signed malware increased from 1.3 per cent in 2010 to 5.3 per cent in 2013, and while it may appear a small change, it indicates that more than five million digitally-signed malware samples are in circulation.

The trend is more pronounced within the mobile environment, with the percentage of signed malware increasing from essentially zero to nearly 25 per cent of known Android-based malware samples in the last three years.

Spam volume increased by a total of 125 per cent throughout the third quarter, most of which occurred in the last four weeks of the period. McAfee Labs attributes this to legitimate marketing firms purchasing and using mailing lists sourced from less-than-reputable sources. Despite the high-volume nature of the message campaigns, the research company claims they generally do not contain malware so users often do not know the difference.

Virtual currencies, whose value is not tied to traditional currencies, are being labelled one of the hottest ‘cyber-topics’ of the last 12 months. Yankee Group estimates that the so-called virtual currencies market grew to $US47.5 billion in 2012.

According to McAfee Labs, the ability for transactions to be anonymous when processed using virtual currencies has drawn cybercriminals to offer illicit goods and services that would normally be transparent to law enforcement. It also offers an effective way to ‘launder’ profits of both online and offline criminal activity.

As a result, the third quarter saw notable events in the use of Bitcoin for illicit activities such as the purchase of drugs, weapons, and other illegal goods on websites such as Silk Road. The growing presence of Bitcoin-mining malware reinforced the increasing popularity of the currency.

“As these currencies become further integrated into our global financial system, their safety and stability will require initiatives leveraging both the financial system’s monetary controls and oversight and the technical controls and defences our industry provides,” Duca said.

Subscribe here for up-to-date channel news

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags spamresearchsecurityAndroidmcafee labsmalware

Featured

Slideshows

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards

Revealed at a glitzy bash in Sydney at the Ivy Penthouse, the first StorageCraft Partner Awards locally saw the vendor honour its top-performing partners with ASI Solutions, SMBiT Pro, Webroot, ACA Pacific and Soft Solutions New Zealand taking home the top awards. Photos by Maria Stefina.

StorageCraft celebrates high achievers at its inaugural A/NZ Partner Awards
Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip

​Synnex and Lenovo hosted 18 resellers for an action-packed weekend adventure in RotoVegas, taking in white water rafting on the Kaituna River, as well as quad biking and dinner at Stratosfare​, overlooking Lake Rotorua at the top of Mount Ngongotaha​. Photos by Synnex.

Kiwi resellers make a splash on Synnex and Lenovo RotoVegas road trip
Show Comments