McAfee report shows significant growth for malware on mobile platforms


McAfee released the McAfee Threats Report: Second Quarter
2011, showing that the amount of malware targeted at Android devices jumped 76
percent since last quarter, to become the most attacked mobile operating


2011 has also resulted in the busiest ever first
half-year in malware history, including a first-ever appearance of Mac fake AV
and a significant uptick in rootkits, suggesting that McAfee‘s comprehensive
malware zoo” collection will reach a record 75 million samples by the year’s


This year we’ve seen record-breaking numbers of malware,
especially on mobile devices, where the uptick is in direct correlation to
popularity,” said Vincent Weafer, senior vice president of McAfee Labs.


Overall attacks are becoming more stealth and more
sophisticated, suggesting that we could see attacks that remain unnoticed for
longer periods of time. High-profile hacktivist groups have also changed the
landscape by drawing a line between attacks for personal gain and attacks meant
to send a message,” Weafer added.


With an approximate 12 million unique samples for the
first half of 2011, a 22 percent increase over 2010, this has been the busiest
first half-year in malware history.


With the addition of Q2’s numbers, the grand total of
total malware samples in McAfee’s database has reached approximately 65
million, and McAfee researchers estimate that this Malware Zoo” will reach at
least 75 million samples by the year’s end.


With the vast amount of personal and business data now
found on user’s mobile phones, mobile malware is steadily increasing, often
mimicking the same code as PC-based threats.In the second quarter of 2011, Android OS-based malware surpassed
Symbian OS for the most popular target for mobile malware developers.


While Symbian OS and Java ME remain the most targeted to
date, the rapid rise in Android malware in Q2 indicates that the platform could
become an increasing target for cybercriminals affecting everything from
calendar apps, to comedy apps to SMS messages to a fake Angry Birds updates.


There are more Mac users than ever before, and as
organizations increasingly adopt Macs for business use, Apple now has become
more a target for malware authors.


Though historically the Apple platform has been
unaffected by fake anti-virus (fake AV) software, activity in Q2 indicates that
it is now being affected. Although this type of fake AV is the first of its
kind, McAfee Labs does expect fake AV in general will drop off over time.


Another malware category that is demonstrating recent
steady growth is stealth malware. The tactic of hiding malware in a rootkit is
used by cybercriminals to make malware stealthier and more persistent, and has
seen this type of attack gain in prominence over the past year, with
high-profile attacks such as Stuxnet.


Stealth malware has increased more rapidly in the last
six months than in any previous period, up almost 38 percent over 2010.


Acts of hacktivism, primarily from the groups Anonymous
and LulzSec, were among some of the most prominent cyber news generators for
Q2. The report details hacktivist activity from Q2, with at least 20 global
attacks reported in Q2 alone, and with the majority allegedly at the hands of


Though spam is still at historic low levels, due in part
to the Rustock takedown, McAfee Labs still expects to see a sharp rise in
activity over the coming months. A common method for cybercriminals to increase
their volume of spam activity is to purchase a bulk list of emails in order to
flood as much spam as possible to a widespread group of people.


Whether it’s a botnet or a rental service, prices vary
for such enterprises, often by location. For instance, in the United States,
the going rate for 1 million emails is $25, whereas in England 1.5 million
emails are worth $100.


Recently, McAfee announced
that its technology for mobile platforms will be offered as standard in Sony
Ericsson’s XPERIA mini pro and forthcoming XPERIA pro smartphones.


This is part of a move designed to effectively safeguard
smartphone users against device loss, data theft, malware and virus infection.


By Team
[email protected]