Malware Threat Level Hits 4-Year High

Malware Threat Level Hits 4-Year High
Surfing the Internet is becoming more dangerous than ever, according to a report released Wednesday by cyber security software maker McAfee.

In first three months of the year, malware circulating in cyberspace reached a four-year high and is on a pace to reach 100 million samples by year's end, McAfee says in its quarterly threats report.

“In the first quarter of 2012, we have already detected 8 million new malware samples, showing that malware authors are continuing their unrelenting development of new malware," Vincent Weafer, senior vice president of McAfee Labs, said in a statement.

“The same skills and techniques that were sharpened on the PC platform are increasingly being extended to other platforms, such as mobile and Mac," he added.

Contributing to the proliferation of malware is the arrival of new kits for creating malicious software, Adam Wosotowsky, a messaging data architect at McAfee Labs, said in an interview with PCWorld.

The most common kits for creating malware have been based on the Zeus and SpyEye packages, but crackdowns on botnets built on those models have prodded cyber criminals to seek alternatives.

Malware Threat Level Hits 4-Year High
"As the authors of Zeus and SpyEye have started to be located by authorities and are starting to have issues putting out their stuff, we're starting to see more new botnet-building SDKs [Software Development Kits] being released into the black market," he said.

That has increased the number of campaigns, the number of strains and the number of mutations, which increases the number of samples McAfee collects, he added.

Mobile malware continues to grow, McAfee reported, with more than 7,000 Android threats being collected and identified during the quarter. That's more than a 1,200 percent increase over the previous quarter.

Much of the Android infections are being spread by software distributed by third-party retailers, Wosotowsky observed. "The official Google apps store [Google Play] doesn't have very many malicious applications on it," he said.

Most mobile malware is designed to surreptitiously send text messages to premium SMS services. Cyber bandits get a cut of the charges for each message and disappear before a victim can protest to his or her wireless provider.

Malware Threat Level Hits 4-Year High
McAfee also reported that spam levels continue to decline. Global spam during the quarter dropped to slightly more than one trillion messages. "A lot of that is because spam is a lot more accurate nowadays than it used to be," Wosotowsky explained.

When spam volumes were at their all-time highs, he continued, messages were being sent to lots of random addresses. "Now you can purchase these lists that contain legitimate e-mail addresses," he said. "For that reason, spam has become more accurate, so you don't have as much chaff in the spam world."

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.

Subscribe to the Security Watch Newsletter

Comments