A new report by McAfee on malware and cyber security trends for the second quarter of 2012 points to the largest peak of malware samples detected in four years, and illustrates the growing threat faced by mobile device devices – especially Android.
There is not necessarily anything surprising about the quarterly report. The fact is essentially more of the same, with slight variations on topics from previous quarterly reports. However, the content should be reason enough for concern. The bottom line is that malicious attacks are a serious threat, and they won't disappear anytime soon.
How to spread
Malicious websites are a popular method for obtaining malware. An average of 2.7 million malicious URLs were detected every month, pointing to about 300,000 corrupted domains. That gives about 10,000 new malicious domains created every day for the express purpose of hosting malware and hijacking unprotected PCs or mobile devices.
Another method of spreading malware through infected USB sticks. Crackers place malicious code in AutoRun files that run automatically when the USB stick is inserted into a PC. Malware can compromise the machine and look for other connected drives to infect to keep spreading.
The Return of Botnets
Botnets have been a constant threat this year. Thanks to the efforts of security researchers, and major names like Microsoft, some of the most dangerous and preemptive botnets have been damaged or entirely destroyed.
According to the latest quarterly report, however, the victories are apparently short-lived. Botnet activity has been booming for 12 months, and crackers continue to develop smart new ways to manage and control the huge armies of compromised computers. Researchers have found that Twitter is being used by some botnets to issue commands to infected systems.
The Moving Frontier
The biggest highlight in the malware world is mobile. The shift from traditional mobile phones that simply complete phone calls to smartphones containing gigabytes of data has made pocket computers a favorite target of crackers.
Today, most people are conditioned to run anti-malware security software on their PCs and trained with the common sense to recognize and prevent many types of attacks. However, this security mindset has not yet shifted to smartphones and tablets, causing many people not to have adequate protection on their mobile devices.
The fact that many companies adopt BYOD (bring their own device) and allow their employees to use their own personal mobile devices to connect to company network and data resources increases the risks and makes mobile devices an even greater risk in many cases. cases.
Android smartphones and tablets are the main targets. Virtually all detected mobile malware samples are intended for Google Os, which ranges from malware that sends SMS messages, or fraudulent SMS payments, mobile botnets, spyware, and Trojan horses that can capture or destroy device data.
Apple's iOS is more blocked by nature, and applications must be approved by Apple to enter the App Store. With Android, however, it is the most open platform for the project, and users are free to get applications from a wide variety of sources outside the official Google Play store. In addition, Android apps are usually not reviewed or controlled at all, making it easier for crackers to deploy apps that contain malware.
The report clearly illustrates that users still need to be alert and warned against new threats. More importantly, it demonstrates why PC antimalware protection alone is not enough. You need to have the same solid protection for all your PCs and mobile devices.
Stay on top of everything that happens at Diolinux …