McAfee reports malware at all-time high

The latest McAfee Threat Report reveals information about current malware trends.

McAfee today revealed its McAfee Threat Report for the third quarter of 2010. Information like that provided by McAfee in these quarterly reports is valuable for IT admins -- enabling them to keep a finger on the pulse of malware, and to stay in touch with emerging attack techniques and trends.

With the holiday shopping season upon us, cyber criminals will be pulling out all the stops and shifting into high gear to capitalize on the spike in online transactions and part naïve or gullible users from both their personal information and their money. Businesses and consumers both need to be on high alert and take a more proactive stance to guard against attacks.

A McAfee press release about the McAfee Threat Report states, "average daily malware growth has reached its highest levels, with an average of 60,000 new pieces of malware identified per day, almost quadrupling since 2007," adding, "At the same time, spam levels decreased in volume this quarter, both globally and in local geographies. Spam hit a two year low this quarter while malware continued to soar."

McAfee warns that, "Most recently, cybercriminals unleashed a Zeus botnet that is aimed at mobile devices and designed to intercept SMS messages to validate transactions. As a result, the criminal can perform all bank transactions, stealing funds from unsuspecting victims. McAfee also saw an increase in email campaigns attempting to deliver the Zeus botnet, under the disguise of the following recognized organization names: eFAX, FedEx, Internal Revenue Service, Social Security Administration, United States Postal Service and Western Union."

This report looks in-depth at the Stuxnet worm, which appears to have been crafted specifically to target the nuclear facility capabilities of Iran. More relevant to most IT admins, though, are the findings and analysis of social engineering attacks, and the potential risks associated with social networking.

"Our Q3 Threat report shows that cyber criminals are not only becoming more savvy, but attacks are becoming increasingly more severe," said Mike Gallagher, senior vice president and chief technology officer of Global Threat Intelligence for McAfee. "Cyber criminals are doing their homework, and are aware of what's popular, and what's insecure. They are attacking mobile devices and social networking sites, so education about user activity online, as well as incorporating the proper security technologies are of utmost importance."

As a security vendor, it could be argued that McAfee has a vested interest in alarming IT managers and the general public regarding computer security issues. It would be a sort of self-serving, and self-fulfilling prophecy to create a panic that drives sales of computer and network security tools.

I have never bought into the conspiracy theory that security vendors incite fear to boost sales. It would be a thinly-veiled con, and the short term gain would damage the reputation of the vendor and lead to irreparable long term harm.

McAfee has nothing to gain -- at least not long term -- from "crying wolf". The other way of looking at reports such as this is that McAfee -- by virtue of being a major security vendor with an army of security researchers and customers scattered around the globe -- is in a unique position to collect and study relevant data in order to provide expert analysis to identify trends and work more proactively to develop more effective security measures.

Join the CSO newsletter!

Error: Please check your email address.

Tags firewallsspamantispammcafeevirusessecurityphishingmalwarenetwork security

More about FedExInternal Revenue ServiceMcAfee AustraliaPayPalWestern Union

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tony Bradley

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts