A new report summarizing the malware and cybersecurity trends for the second quarter of 2012 has been released. The report found the biggest spike in malware samples detected in four years, and illustrates the growing threat faced by mobile devices—particularly Android mobile devices.
There isn’t necessarily anything Earth-shattering in the quarterly report. The fact that it’s essentially more of the same, with slight variations on themes from previous quarterly reports, however, should be cause enough for concern. The bottom line message is that malicious attacks are a serious threat, and they’re not going away any time soon.
How It Spreads
Malicious websites are a popular method for getting malware out there. An average of 2.7 million malicious URLs were detected each month, pointing to approximately 300,000 bad domains. That works out to about 10,000 new malicious domains being created every day with the express purpose of hosting malware and hijacking unprotected PCs or mobile devices.
Another method of propagating malware is through infected USB thumb drives. Attackers put malicious code in AutoRun files that execute automatically when the thumb drive is inserted into a PC. The malware can then compromise the PC, and seek out other connected drives to infect to continue spreading to new PCs.
Return of Botnets
Botnets have been an ongoing threat for years. Thanks to the efforts of security researchers, and major players such as Microsoft, some of the most dangerous and prolific botnets have been crippled or taken offline entirely.
According to the latest quarterly report, though, the victories are apparently short-lived. Botnet activity is at a 12-month high, and the attackers are continuing to evolve clever new ways of managing and controlling the massive armies of compromised computers. Researchers have found that Twitter is now being used by some botnets to issue commands to infected systems.
The Mobile Frontier
The biggest story in malware right now is mobile malware. The shift from traditional mobile phones that simply made phone calls to smartphones containing gigabytes of data has made the pocket-sized computers a prime target for attackers.
Most people are conditioned at this point to run antimalware or other security software on their PCs, and they’ve been trained with the common sense to recognize and avoid many types of attacks. However, that security mindset hasn’t yet transferred over to smartphones and tablets, so many people lack adequate protection on their mobile devices.
The fact that many companies are embracing BYOD (bring your own device) and allowing employees to use their own personal mobile devices to connect to network resources and company data raises the stakes and makes mobile devices an even greater risk in many cases.
Android smartphones and tablets are the hottest targets. Virtually all mobile malware samples detected are intended for Android, ranging from malware that sends out SMS messages, or fraudulent SMS payments, mobile botnets, spyware, and Trojans that can capture or destroy data from Android devices.
Apple’s iOS is more locked down by nature, and the apps have to be approved by Apple to get into the app store. With Android, though, the platform is more open by design, and users are free to get apps from a wide variety of sources outside of the official Google Play store. Android apps are typically not reviewed or vetted in any way, making it easier for attackers to plant apps containing malware.
The report illustrates very clearly that users still need to be on guard against new threats. More importantly, it demonstrates why antimalware protection on the PC alone isn’t enough. You need to have the same, solid protection for all of your PCs and mobile devices.