Malware Is on the Move, Reports McAfee
Feb 8, 2011 11:54 AM PT
Cybercriminals are following innocent consumers away from email and toward more popular, smartphone-style platforms, McAfee reported Tuesday.
"New mobile malware in 2010 increased by 46 percent compared with 2009," noted McAfee spokesperson Joris Evers.
Among the likeliest targets in 2010, Symbian and Android platforms were splattered by Trojans and bots with names like "SymbOS/Zitmo.A" and "Android/Geinimi."
"Consumers need to realize that mobiles, whether smartphone or tablet, are mini computers," said David Gorodyansky, CEO of AnchorFree. "This means all the vulnerabilities of a computer exist, often with a less-protected OS."
"From a hacker's point of view, the large user base created by wide scale adoption of iOS (iPhone) and Android will increasingly make these platforms a target, and I definitely expect to see some high-profile mobile attacks in the coming year," Cenzic CMO Mandeep Khera told TechNewsWorld.
"Smartphone access should be a concern to corporations that don't want employees accessing company secrets via unsecured mobile networks," Khera told TechNewsWorld. "For consumers, as banks and e-commerce sites deploy apps that give customers unprecedented access to their bank accounts, security becomes more important than ever."
Unlike their mobile partners in crime, spam bots -- including Bredolab, Lethic, Xarvester, and parts of the Zeus botnet -- have gone dormant in droves this year.
"Concurrently, spam accounted for 80 percent of total email traffic in Q4 2010, the lowest point since the first quarter of 2007," McAfee's Evers told TechNewsWorld.
The Bot Pack
Like a flu pandemic, botnet infections were particularly acute in Q4 2010, with Rustock, Cutwail and Bobax leading the bot pack. Social media sites, like mosquitoes, often acted as disease vectors.
"Whether we are using smartphones or computers, social engineering attacks are still the primary attack vector, and a major vector in the spread of botnet infections," University of Virginia information security analyst Karen McDowell, PhD, GCIH, told TechNewsWorld.
McAfee advises tablet and smartphone users to watch out for Zeus-Murofet, Conficker, and Koobface botnets specifically, and more generally, phishing URLs from the IRS, gift cards, rewards accounts, and social networking accounts.
Phishing vectors spread bot diseases when users click on phishing emails, answer phishing phone calls, or click on text messages that "appear to come from your carrier," McDowell explained, adding that tried-and-true preventive care works best. "Never give information via email, smartphone or on the Web, and verify independently before you click on any unknown text or email message, game, application or security update."
More preventive options: "Don't log onto unprotected WiFi, and use a VPN to encrypt and secure your browsing, which acts as a secure, encrypted tunnel for your communications," AnchorFree's Gorodyansky told TechNewsWorld.
Twenty million new pieces of malware -- nearly 55,000 new malware threats every day -- plastered the cybersphere in 2010, migrating toward smartphones because "cybercriminals are keeping tabs on what's popular and what will have the biggest impact from the smallest effort," said Vincent Weafer, senior vice president of McAfee Labs.
"Think globally, act locally" might be malware's new mantra, with threats that "now tend to match the types of users, habits and events that are specific to a region," McAfee's Evers added. Global criminal favorites include AutoRun malware such as Generic!atr; banking Trojans and downloaders such as PWS or Generic.dx; and Web-based exploits such as StartPage and Exploit-MS04-028, the McAfee report claims.
To avoid malware, treat search terms and Adobe products with extra care, McAfee advises. Of the top 100 search results, 51 percent led to malicious sites. And throughout 2010, malware developers exploited weaknesses in Flash and PDF, a trend McAfee sees continuing.
Despite the advice, pests will persist, driven to infect by "a general lack of awareness towards the need for security," Gorodyansky explained.
"This is the same as it was for computers, when most people thought they were completely safe once they installed an antivirus program," he recalled.
"It really doesn't matter what type of device is used -- the steps to secure a Web application haven't changed," Sam Shelby, e-government coordinator for the City of Columbia, Missouri, told TechNewsWorld. "You can never trust input: always authenticate, validate and sanitize input data."