The Inquirer-Home

Malware samples tripled in 2013 as point-of-sale attacks boomed

Criminals are constantly developing new ways to bypass defences
Mon Mar 10 2014, 16:27
Malware cyber criminal

THE NUMBER OF MALWARE SAMPLES found over the last year has tripled, security firm McAfee said in its latest report.

The firm revealed the figures in its McAfee Labs Threats Report: Fourth Quarter 2013 study, saying that the rise in digitally-signed malware samples was driven by abuse of automated Content Distribution Networks (CDNs) that wrap malicious binaries within digitally signed, otherwise legitimate installers.

By the end of 2013, McAfee Labs saw the number of malicious signed binaries rise to more than eight million suspicious binaries, with the firm finding more than 2.3 million new malicious signed applications in the fourth quarter alone, a 52 percent increase from the previous quarter.

"[We] believe this accelerating trend could pose a significant threat to the long-established certificate authority (CA) model for authenticating 'safe' software," the firm said.

Researchers at McAfee also highlighted an increase in Point of Sale (POS) malware and said it is combating more than three new threats every second, a trends that it said is part of a wider surge in cybercrime.

"Detailed research of the high-profile [fourth quarter] credit card data breaches found that the POS malware used in the attacks were relatively unsophisticated technologies likely purchased 'off the shelf' from the Cybercrime-as-a-Service community, and customised specifically for these attacks."

McAfee said that during the last few years it had seen a notable rise in the malware families POScardstealer, Dexter, Alina, Vskimmer, Project Hook and others, many of which are available for purchase online.

Criminals behind the campaigns are particularly dangerous as they are constantly developing new ways to bypass traditional defences, McAfee said, suggesting that they are likely motivated by the success of POS malware operations such as the recent attack on Target. The Target breach is believed to have occurred between 27 November and 15 December 2013, and saw hackers compromise at least 40 million credit and debit card accounts.

The researchers reported millions of customer details being sold on a number of cyber black markets. "What happened to the millions of credit card numbers stolen from Target? We have tracked these and continue to see them appear in large lots (dumps) in key 'carding' marketplaces. Typically the thieves will drop data in batches of one million to four million numbers," read the report.

Other findings in the report include a spike in mobile malware, with McAfee collecting 2.47 million new Android samples in 2013, 744,000 in the fourth quarter alone.

"McAfee's Android malware zoo of unique samples grew by an astounding 197 percent from the end of 2012," the report said.

The firm also noted a surge in ransomware, with the volume of new ransomware samples rising by one million new samples for the year, doubling from the fourth quarter of 2012 to the fourth quarter of 2013. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Existing User
Please fill in the field below to receive your profile link.
Sign-up for the INQBot weekly newsletter
Click here
INQ Poll

Microsoft Windows 10 poll

Which feature of Windows 10 are you most excited about?