August 24, 2011

Sharp Rise In Malware Targeting Mobile Devices


Computer security software maker McAfee said Tuesday that the amount of malicious software targeted at Android devices rose 76 percent during the second quarter, making Android the most heavily attacked mobile operating system.

Additionally, McAfee has identified 12 million unique types of malware during the first half of the year -- a 22 percent increase from a year ago.  

“This has been the busiest first half-year in malware history,” said McAfee, a unit of Intel Corp., in a statement.

The company said it expects to end the year with a database of 75 million samples of malware.

"This year we have seen record breaking numbers of malware, especially on mobile devices, where the uptick is in direct correlation to popularity," said Vincent Weafer, senior vice president of McAfee Labs, in a statement.

“Overall attacks are becoming more stealth and more sophisticated, suggesting that we could see attacks that remain unnoticed for longer periods of time. High-profile hacktivist groups have also changed the landscape by drawing a line between attacks for personal gain and attacks meant to send a message.”

Google's Android operating system-based malware surpassed Nokia's Symbian as the most popular target for mobile malware developers, McAfee said in its second quarter threats report.

“While Symbian OS and Java ME remain the most targeted to date, the rapid rise in Android malware in Q2 indicates that the platform could become an increasing target for cybercriminals — affecting everything from calendar apps, to comedy apps to SMS messages to a fake Angry Birds updates,” McAfee said.

The report also describes specific activity shaping the way cybercriminals operate, such as cybercrime “pricebooks” that determine the going rate for large email address lists, and acts of hacktivism and cyberwar.

“With the vast amount of personal and business data now found on user´s mobile phones, mobile malware is steadily increasing, often mimicking the same code as PC-based threats,” McAfee said.

Apple has also become a growing target for malware authors. Though historically the Apple platform has been unaffected by fake anti-virus (fake AV) software, activity in Q2 indicates that it is now being affected, McAfee said.

Another malware category that is demonstrating recent steady growth is stealth malware, which involves hiding the malicious code in a rootkit used by cybercriminals to make malware stealthier and more persistent. 

This type of attack has gained in prominence over the past year, including high-profile attacks such as Stuxnet.  Indeed, stealth malware has increased more rapidly in the last six months than in any previous period, up almost 38 percent from last year, McAfee said.

Acts of hacktivism, primarily from the groups Anonymous and LulzSec, were among some of the most prominent cyber news generators, with at least 20 global attacks reported in the second quarter alone, the majority allegedly at the hands of LulzSec, according to the report.

The report also outlines acts of cyberwar that occurred during the quarter, including attacks on United States´ Oak Ridge National Laboratory and an attack on South Korea´s National Agricultural Cooperative Federation.

Although spam remains at historic low levels, McAfee said it still expects to see a spike in activity in the coming months. 

A common method for cybercriminals to increase their volume of spam activity is to purchase a bulk list of emails in order to flood as much spam as possible to a widespread group of people.


On the Net: