McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011
2011
Malicious Sites Nearly Double, while Mobile Malware Continues to Grow
SANTA CLARA, Calif. - Feb. 21, 2012 - McAfee today released the McAfee
Threats Report: Fourth Quarter 2011, revealing that malware surpassed
the company’s estimate of 75 million unique malware samples last year.
Although the release of new malware slowed in Q4, mobile malware
continued to increase and recorded its busiest year to date.
“The threat landscape continued to evolve in 2011, and we saw a
significant shift in motivation for cyber attacks,” said Vincent
Weafer, senior vice president of McAfee Labs. “Increasingly, we’ve
seen that no organization, platform or device is immune to the
increasingly sophisticated and targeted threats. On a global basis, we
are conducting more of our personal and business transactions through
mobile devices, and this is creating new security risks and challenges
in how we safeguard our commercial and personal data.”
Malware
The overall growth of PC-based malware actually declined throughout Q4
2011, and is significantly lower than Q4 2010. The cumulative number of
unique malware samples in the collection still exceeds the 75 million
mark. In total, both 2011 and the fourth quarter were by far the busiest
periods for mobile malware that McAfee has seen yet, with Android firmly
fixed as the largest target for writers of mobile malware.
Contributing to the rise in malware were rootkits, or stealth malware.
Though rootkits are some of the most sophisticated classifications of
malware, designed to evade detection and “live” on a system for a
prolonged period, they showed a slight decline in Q4. Fake AV dropped
considerably from Q3, while AutoRun and password-stealing Trojan malware
show modest declines. In a sharp contrast to Q2 2011, Mac OS malware has
remained at very low levels the last two quarters.
Web Threats
In the third quarter McAfee Labs recorded an average of 6,500 new bad
sites per day; this figure shot up to 9,300 sites in Q4. Approximately
one in every 400 URLs were malicious on average, and at their highest
levels, approximately one in every 200 URLs were malicious. This brings
the total of active malicious URLs to more than 700,000.
The vast majority of new malicious sites are located in the United
States, followed by the Netherlands, Canada, South Korea and Germany.
Overall, North America housed the largest amount of servers hosting
malicious content, at more than 73 percent, followed by Europe-Middle
East at more than 17 percent and Asia Pacific at 7 percent.
Spam
At the end of 2011, global spam reached its lowest point in years,
particularly in the United Kingdom, Brazil, Argentina and South Korea.
Despite the drop in global levels, McAfee Labs found that the present
spearphishing and spam are highly sophisticated.
Overall botnet growth rebounded in November and December after falling
since Aug
ust, with Brazil, Columbia, India, Spain and the United States
all seeing significant increases. Germany, Indonesia and Russia
declined. Of the botnets, Cutwail continues to reign supreme, while
Lethic has been on a steady decline since last quarter. Grum made a
significant comeback after a long decline, surpassing Bobax and Lethic
by the end of Q4.
Data Breaches
The number of reports of data breaches via hacking, malware, fraud and
insiders more than doubled since 2009, according to privacyrights.org,
with more than 40 breaches publicly reported this quarter alone. The
leading network threat this quarter came via vulnerabilities in
Microsoft Windows remote procedure calls. This was followed closely by
SQL injection and cross-site scripting attacks. These remote attacks can
be launched at selected targets around the globe.
To access McAfee’s Threats Report: Fourth Quarter 2011, please visit
http://www.mcafee.com/us/resources/reports/rp-quarterly-threat-q4-2011.pdf.
About McAfee
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC),
is the world's largest dedicated security technology company. McAfee
delivers proactive and proven solutions and services that help secure
systems, networks, and mobile devices around the world, allowing users
to safely connect to the Internet, browse and shop the Web more
securely. Backed by its unrivaled Global Threat Intelligence, McAfee
creates innovative products that empower home users, businesses, the
public sector and service providers by enabling them to prove compliance
with regulations, protect data, prevent disruptions, identify
vulnerabilities, and continuously monitor and improve their security.
McAfee is relentlessly focused on constantly finding new ways to keep
our customers safe. http://www.mcafee.com
McAfee Canada is headquartered in Markham, Ontario, with regional
offices across Canada. The company's Consumer Software Research and
Development facility in based in Waterloo, Ontario.
- 30 -
Note: McAfee, the McAfee logo and SiteAdvisor are registered trademarks
or trademarks of McAfee, Inc., or its subsidiaries in the United States
and other countries. Other names and brands may be claimed as the
property of others. ©2012 McAfee, Inc. All rights reserved.
For more information please contact:
Rejane Wilson / Dianna Lai
StrategicAmpersand Inc. (for McAfee Canada)
rejane@stratamp.com
dianna@stratamp.com
(416) 961-5595