In McAfee Threats Report: Second Quarter 2012 (pdf), the security firm states that it detected a 1.5 million increase in malware samples since Q1 2012, the biggest increase detected in the last four years. The report also identifies new threats such as mobile "drive-by downloads," the use of Twitter for control of mobile botnets, and the appearance of mobile "ransomware."
"Over the last quarter we have seen prime examples of malware that impacted consumers, businesses, and critical infrastructure facilities," said Vincent Weafer, senior vice president of McAfee Labs. "Attacks that we’ve traditionally seen on PCs are now making their way to other devices. For example, in Q2 we saw Flashback, which targeted Macintosh devices and techniques such as ransomware and drive-by downloads targeting mobile. This report highlights the need for protection on all devices that may be used to access the Internet."
McAfee notes that malware authors have taken a liking to the open-source Android platform, as virtually all new mobile malware detected in Q2 2012 was directed at Google's mobile OS. This mobile assault included SMS-sending malware, mobile botnets, spyware and destructive Trojans. Malware seemingly exploded into the mobile scene back in Q1 2012 as previously reported by the firm (pdf).
In addition to attacking Android, mobile ransomware and botnets are the latest cybercrime fads, McAfee reports. "Ransomware, steadily increasing quarter over quarter, has become a popular avenue for cybercriminals," the firm states. "Damage can range from loss of photos and personal files for home users to data encryption and demands for money for large enterprises. Ransomware is especially problematic as it can hold computers and data hostage, instantly damaging machines."
Infections related to botnets have reached a 12-month high, and the United States is typically the global hub of botnet control servers. Thumb drive and password-stealing malware also showed significant growth in Q2 with nearly 1.2 million new samples. Even more, McAfee Labs recorded an average of 2.7 million new bad URLs per month – scareware sites, phishing sites, etc – during the second quarter.
"In June, these new URLs were related to about 300,000 bad domains, which is equivalent to 10,000 new malicious domains every day," McAfee reports. "Of the new bad-reputation URLs, 94.2-percent host malware, exploits or code that have been specifically designed to hijack computers."
To read the full report, download and view the PDF file here. The findings are provided by the McAfee Labs team of 500 multidisciplinary researchers in 30 countries which "follows the complete range of threats in real time, identifying application vulnerabilities, analyzing and correlating risks, and enabling instant remediation to protect enterprises and the public."