Malware getting smarter, says McAfee

Savvier cyberattacks are being directed toward more critical segments of the U.S. economy, says the security provider.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney
2 min read
Malware is on the rise.
Malware is on the rise. McAfee

Malware continues to grow, not just in volume but in sophistication, according to a new report from McAfee.

Released today, the security vendor's fourth-quarter 2012 Threats Report found that more organizations are being targeted by more clever cyberattacks.

The number of trojans designed to steal passwords rose 72 percent last quarter. Some of these trojans are part of "customized" threats, while others are packaged with more "off-the-shelf" forms of malware. As one example, the Citadel trojan was specifically designed to hit financial services companies.

Operation High Roller and Project Bliztkrieg were also cited by McAfee as two threats to banks and other financial companies.

"We are seeing attacks shifting into a variety of new areas, from factories, to corporations, to government agencies, to the infrastructure that connects them together," Vincent Weafer, senior vice president of McAfee Labs, said in a statement. "This represents a new chapter in cybersecurity in that threat-development, driven by the lure of financial industry profits, has created a growing underground market for these cybercrime weapons, as well as creative new approaches to thwarting security measures common across industries."

Mobile malware also continues to increase.

The number of mobile malware samples discovered by McAfee last year was 44 times the number found in 2011.

Android has been a prime and growing target of cybercriminals, as Android-based malware samples jumped by 85 percent in the fourth quarter. Some of the malware attacks try to steal passwords and address books, while others rack up charges for the user by sending out costly instant messages, the report said.

Malware-hosting Web pages are starting to replace botnets as a way to infect vulnerable systems. The number of suspicious URLs rose by 70 percent last quarter and now average around 4.6 million each month. Among all those suspect pages, 95 percent played host to malware.

On the plus side, the number of botnets has declined, thanks in part to efforts by law enforcement officials. But cybercriminals turned off by the "botness business model" may simply be seeking other areas to exploit, McAfee concluded.