Subscribe Now

* You will receive the latest news and updates on the Canadian IT marketplace.

Trending News

Blog Post

McAfee’s Q4 threat report: watch out for cybercrime as a service
SECURITY

McAfee’s Q4 threat report: watch out for cybercrime as a service 

The cybercrime industry played a big role in the POS attacks and data breaches that occurred last fall. The attackers were able to purchase off-the-shelf malware kits from the cybercrime as a service community. These kits could easily be modified with little programming skill or knowledge of malware functionality. Using the malware packages, attackers were able to breach the security of retailers like Target. They were able to easily sell the stolen credit card information on the black market, using anonymous virtual currencies like Bitcoin.

“The fourth quarter of 2013 will be remembered as the period when cybercrime became ‘real’ for more people than ever before,” said Vincent Weafer, senior vice president for McAfee Labs. “For security practitioners, the ‘off the shelf’ genesis of some of these crime campaigns , the scale of operations, and the ease of digitally monetizing stolen customer data all represent a coming of age for both Cybercrime-as-a-Service and the ‘dark web’ overall.”

Researchers also found that digitally signed malware tripled in 2013. This was driven largely by the abuse of automated content distribution networks (CDN) that wrap malicious binaries within otherwise legitimate installers. By the end of 2013, McAfee Labs recorded more than eight million suspicious binaries. In Q4 alone, McAfee Labs found over 2.3 million new malicious signed applications, a 52 per cent increase from the previous quarter.

McAfee Labs believes this accelerating trend could pose a significant threat to the long-established certificate authority (CA) model for authenticating “safe” software.

The report also recorded a rise in mobile malware, with McAfee recording 2.47 million new mobile samples in 2013, with 744,000 in the fourth quarter alone. What the report calls a ‘mobile malware zoo’ of samples grew by 197 per cent from the end of 2012.

The McAfee Labs team warns that the rise of maliciously signed files could create confusion among users and administrators, and calls into question the continued viability of the CA model. The full report can be accessed here.

 

Related posts