Reseller News

Three times as much malware in 2013: McAfee

Security vendor attributes stolen information and data braches to “dark web” malware industry

The McAfee Labs Threats Report: Fourth Quarter 2013 has found the number of digitally signed malware samples tripled over the course of 2013.

This growth was largely attributed to misuse of automated Content Distribution Networks (CDNs) that wrap malicious code within digitally signed installers.

McAfee Labs senior vice president, Vincent Weafer, said point-of-sale (POS) attacks and data breaches in the fall of 2013 were carried out by the “dark web” malware industry.

“The ‘off the shelf’ genesis of some of these crime campaigns, the scale of operations, and the ease of digitally monetising stolen customer data all represent a coming of age for both Cybercrime-as-a-Service and the ‘dark web’ overall,” he said.

Weafer characterises the fourth quarter of 2013 as a period when cyber crime became a reality for more people than ever before.

He adds that cyber thefts often catch people off guard, as they were pre-occupied with their holiday shopping.

“The impact of these attacks will be felt both at the kitchen table as well as the boardroom table,” Weafer said.

Digital theft

Beyond the growth of malware, the report highlighted the ease of stolen credit card numbers and other personal consumer data being sold online.

Weafer said the malware used in these incidents were simple in design and likely purchased “off the shelf” from the Cyber crime-as-a-Service community before further customisation took place.

“Thieves offering for sale some of the 40 million credit card numbers reported stolen in batches of between one and four million at a time,” he said.

As for ransomware, the report found samples doubled in number from Q4 2012 to Q4 2013 by one million new samples.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.