Connect with us

Hi, what are you looking for?


Malware & Threats

McAfee Sees Biggest Increase In Malware Attacks in the Last Four Years

Malware attacks are at an all-time high for the past four years as attackers adapt their attack methods to various platforms, McAfee Labs researchers said in a quarterly threats report.

Malware attacks are at an all-time high for the past four years as attackers adapt their attack methods to various platforms, McAfee Labs researchers said in a quarterly threats report.

McAfee Labs identified more than eight million new kinds of malware in the second quarter of 2012, an increase of 23 percent, or 1.5 million, malware samples over the first quarter, according to the company’s most recent threat analysis report. The McAfee Threats Report for the second quarter for 2012 also identified new threats such as mobile “drive-by-downloads,” the use of Twitter to control mobile botnets, and the appearance of “ransomware” for mobile devices.

There are now more than 90 million unique strands of malware in the wild, and while Windows PCs remain the largest target, attackers are increasingly expanding their focus to include other platforms, according to McAfee. The Flashback Trojan which affected Mac OS X systems earlier in the quarter exploiting an unpatched Java vulnerability is just one example of how PC techniques have been adapted for new platforms.

“Attacks that we’ve traditionally seen on PCs are now making their way to other devices,” said Vincent Weafer, head of McAfee Labs.

Virtually all new mobile malware detected in the second quarter targeted Android, and included SMS-sending malware, mobile botnets, spyware, and other destructive Trojans, according to the report. McAfee researchers have found about 13,000 different kinds of mobile malware so far in 2012, compared to less than 2,000 in 2011.

“Android malware shows no signs of slowing down, putting users on high alert,” the company said.

Researchers also detected an increase in ransomware apps on mobile devices, with an all-time high in the number of new ransomware apps this quarter. Ransomware is a class of malicious applications that somehow takes control of the user’s device and data, such as by changing passwords or encrypting the data, and demands a ransom from the victim before restoring access.

Advertisement. Scroll to continue reading.

Ransomware has become a “popular avenue” for criminals, and damages range from loss of personal documents and photos for home users to data hostage and blackmail demands for large enterprises, McAfee said.

Drive-by downloads are another attack vector that traditionally targeted PCs but are now seen on other platforms. McAfee found the first instance of mobile drive-by downloads in the past quarter, where visitors browsing malicious websites were infected with malware.

“A victim still needs to install the downloaded malware, but when an attacker names the file ‘Android System Update 4.0.apk,’ most suspicions vanish,” the report said.

Despite several takedown efforts, botnets continued to grow over the quarter, with infection rates reaching a 12-month high, McAfee found. Researchers also uncovered new methods being used to control botnets, such as using Twitter. In a mobile botnet, attackers can post commands on the micro-blogging service and infected devices would follow the instructions as they appear in the Twitter stream.

There were nearly 1.2 million new samples of the AutoRun worm, which spreads from thumb drives onto all attached drives on the system. There were 1.6 million new samples of password-stealing malware, which are capable of collecting account names and passwords and transmitting them to a remote server under the attacker’s control.

McAfee also recorded an average of 2.7 million new bad URLs per month during the second quarter. In June, new URLs were related to about 300,000 bad domains, according to the report. Of the new bad-reputation URLs, 94.2 percent hosted malware, exploits or code that have been specifically designed to hijack computers.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.

Malware & Threats

Threat actors are increasingly abusing Microsoft OneNote documents to deliver malware in both targeted and spray-and-pray campaigns.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.

Malware & Threats

A vulnerability affecting IBM’s Aspera Faspex file transfer solution, tracked as CVE-2022-47986, has been exploited in attacks.


The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...