It seems every bit of good news received about Web security is tempered with some bad.
McAfee unveiled its McAfee Threats Report for the Third Quarter (2010) today, which revealed that while spam levels decreased in volume this quarter (hitting a two year low) malware is soaring with an average of 60,000 new pieces of malware identified each day – quadrupling since 2007.
“Our Q3 Threat report shows that cybercriminals are not only becoming more saavy, but attacks are becoming increasingly more severe,” said Mike Gallagher, senior vice president and chief technology officer of Global Threat Intelligence for McAfee.
“Cybercriminals are doing their homework, and are aware of what’s popular, and what’s insecure. They are attacking mobile devices and social networking sites, so education about user activity online, as well as incorporating the proper security technologies are of utmost importance.”
One of the most sophisticated pieces of malware in Q3 was the Zeus botnet, the malware at the root of U.S. small businesses losing $70 million at the hands of Ukrainian cybercriminals. Recently, a Zeus botnet was unleashed that is aimed at mobile devices and designed to intercept SMS messages to validate transactions, putting at risk consumers bank accounts. McAfee also saw an increase in email campaigns attempting to deliver the Zeus botnet, under the disguise of organizations like eFAX, FedEx, Internal Revenue Service, Social Security Administration, United States Postal Service and Western Union.
Botnet activity also remained strong in Q3, the most popular of which, Cutwail, accounted for more than 50 percent of traffic in every country. Cutwail bots engaged in distributed denial-of-service attacks against more than 300 websites, including United States government departments such as the Central Intelligence Agency and Federal Bureau of Investigation, and businesses websites such as Twitter and PayPal.