Malware attacks on the rise
The bad guys are winning the war on cybercrime: Computer
viruses, trojans and web attacks are soaring at their fastest pace in four
years.
In its quarterly "Threats Report," Intel subsidiary McAfee said that it had found more than 8 million new
kinds of malware in the second quarter, up 23% from the first quarter. There
are now more than 90 million unique strands of malware in the wild, the
security company said.
Microsoft Windows PCs remain by far
the largest targets for malicious cyberattacks, but hackers are targeting other
devices too, including Apple Macintosh computers and mobile phones.
"Attacks that we've traditionally seen on PCs are
now making their way to other devices," said Vincent Weafer, head of
McAfee Labs. "This report highlights the need for protection on all
devices that may be used to access the Internet."
Apple got a wake-up call in the
second quarter. The company had advertised that Macs didn't get viruses, but a
virus called "Flashback" changed all that. The scary piece of
malware, which infected hundreds of thousands of Macintosh computers, looked
like a normal Adobe (ADBE) Flash browser plug-in but stole thousands of
usernames and passwords.
As Macintosh grows its PC market share -- it is now the
third-largest computer platform in the United States -- hackers have
increasingly targeted Apple computers. This summer, the company scaled back its
security claims.
Google is also a growing recipient of
attacks. The company's mobile Android software is the target of virtually all
new mobile malware -- viruses that are soaring in number. So far, McAfee has
found about 13,000 different kinds of mobile malware this year, compared to
fewer than 2,000 in 2011.
"Android malware shows no signs of slowing down,
putting users on high alert," the company said.
New kinds of attacks include sending spam text messages,
commandeering a phone for use in massive botnets, holding a phone hostage in
exchange for ransom, and attacking a phone in a "mobile drive-by."
"Ransomware" -- a popular tool for
cybercriminals a decade ago -- is fashionable again on smartphones. After a
user inadvertently downloads a piece of ransomware, the virus take control of
the user's device and data, relinquishing it only if the user pays money to the
attacker.
After years of ransomware dormancy, the attack method has
grown rapidly in recent months. The second quarter was the biggest ever for new
kinds of ransomware.
"Drive-by" downloads are another old form of PC
attack that has been recently repurposed for smartphones. They're called
"drive-by" because attackers break into websites and infect all users
who visit them. McAfee said it found its first instances of mobile drive-by
downloads in the second quarter -- attackers dropping malware on your phone
when you visit an infected site.
"A victim still needs to install the downloaded
malware, but when an attacker names the file 'Android System Update 4.0.apk,'
most suspicions vanish," the report said.
Even Twitter has become a tool for attacks from botnets
-- large collectives of infected PCs and phones that do the bidding of the
attacker. Instead of connecting to all the infected devices via a Web server,
cybercriminals are increasingly building viruses that are trained to search for
commands from specific Twitter accounts. Using Twitter means attackers no
longer have to buy an expensive Web server or go through the trouble of
stealing one.
Comments
Post a Comment