Malware samples tripled in 2013 as point-of-sale attacks boomed

[Audrey McNeil <audrey () riskbasedsecurity com>]

http://www.theinquirer.net/inquirer/news/2333309/malware-samples-tripled-in-2013-as-point-of-sale-attacks-boomed

The number of malware samples found over the last year has tripled,
security firm McAfee said in its latest report.

The firm revealed the figures in its McAfee Labs Threats Report: Fourth
Quarter 2013 study, saying that the rise in digitally-signed malware
samples was driven by abuse of automated Content Distribution Networks
(CDNs) that wrap malicious binaries within digitally signed, otherwise
legitimate installers.

By the end of 2013, McAfee Labs saw the number of malicious signed binaries
rise to more than eight million suspicious binaries, with the firm finding
more than 2.3 million new malicious signed applications in the fourth
quarter alone, a 52 percent increase from the previous quarter.

"[We] believe this accelerating trend could pose a significant threat to
the long-established certificate authority (CA) model for authenticating
'safe' software," the firm said.

Researchers at McAfee also highlighted an increase in Point of Sale (POS)
malware and said it is combating more than three new threats every second,
a trends that it said is part of a wider surge in cybercrime.

"Detailed research of the high-profile [fourth quarter] credit card data
breaches found that the POS malware used in the attacks were relatively
unsophisticated technologies likely purchased 'off the shelf' from the
Cybercrime-as-a-Service community, and customised specifically for these
attacks."

McAfee said that during the last few years it had seen a notable rise in
the malware families POScardstealer, Dexter, Alina, Vskimmer, Project Hook
and others, many of which are available for purchase online.

Criminals behind the campaigns are particularly dangerous as they are
constantly developing new ways to bypass traditional defences, McAfee said,
suggesting that they are likely motivated by the success of POS malware
operations such as the recent attack on Target. The Target breach is
believed to have occurred between 27 November and 15 December 2013, and saw
hackers compromise at least 40 million credit and debit card accounts.

The researchers reported millions of customer details being sold on a
number of cyber black markets. "What happened to the millions of credit
card numbers stolen from Target? We have tracked these and continue to see
them appear in large lots (dumps) in key 'carding' marketplaces. Typically
the thieves will drop data in batches of one million to four million
numbers," read the report.

Other findings in the report include a spike in mobile malware, with McAfee
collecting 2.47 million new Android samples in 2013, 744,000 in the fourth
quarter alone.

"McAfee's Android malware zoo of unique samples grew by an astounding 197
percent from the end of 2012," the report said.

The firm also noted a surge in ransomware, with the volume of new
ransomware samples rising by one million new samples for the year, doubling
from the fourth quarter of 2012 to the fourth quarter of 2013.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!