Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

McAfee: 8M New Malware Samples in Q1 2012

McAfee recently released its quarterly threats report for Q1 2012, detailing the increase in malware across all platforms. According to the data, PC-based malware hit a new high during the quarter, making it the largest jump the segment has seen in four years.

Within the first quarter of 2012, McAfee Labs detected 8 million new malware samples, Vincent Weafer, senior vice president of McAfee Labs said.

McAfee recently released its quarterly threats report for Q1 2012, detailing the increase in malware across all platforms. According to the data, PC-based malware hit a new high during the quarter, making it the largest jump the segment has seen in four years.

Within the first quarter of 2012, McAfee Labs detected 8 million new malware samples, Vincent Weafer, senior vice president of McAfee Labs said.

“The same skills and techniques that were sharpened on the PC platform are increasingly being extended to other platforms, such as mobile and Mac; and as more homes and businesses use these platforms the attacks will spread, which is why all users, no matter their platforms, should take security and online safety precautions.”

Mobile users became a fresh source for criminals in Q1, McAfee notes. The threats report says that mobile-based malware surged during the quarter to the tune of nearly 8,000 new samples. When compared to the 600 samples collected in Q4 2011, the jump represents a 1200% change. A majority of the mobile threats centered on Android, but originated from third-party app stores, providing another reason for users to stick to Google Play for their application needs.

Chart of New Malware Samples by Date

When it comes to the rise of malware on the PC, McAfee said that most of the new samples on Q1 sourced from Rootkits, password stealing Trojans. The most common delivery method and originating attack source was email. This is an interesting correlation as spam levels dipped globally in Q1 2012.

Botnet infections climbed during the quarter as well, reaching nearly 5 million infections. Of all the botnets that were active in Q1 2012, Cutwail took the top spot with 2 milliion new nodes.

Finally, based on data collected from the McAfee Global Threat Intelligence network, the United States was the primary source of SQL-injection attacks and cross-site scripting attacks, in addition to having the highest number of victims of both attacks.

The U.S. currently houses the most botnet control servers, and the location point for the vast majority of new malicious websites, with an average of 9,000 new bad sites recorded per day.

A copy of the full report is available here as a PDF download.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cyberwarfare

Russia-linked cyberespionage group APT29 has been observed using embassy-themed lures and the GraphicalNeutrino malware in recent attacks.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Malware & Threats

Security researchers are warning of a new wave of malicious NPM and PyPI packages designed to steal user information and download additional payloads.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.