McAfee: Malware on Android jumps 37 percent over previous quarter

McAfee has issued a new report today which paints Android as the primary target for new mobile malware. With growth of 37 percent quarter over quarter, nearly every bit of malware identified by McAfee was related to Android. Among the more popular methods of attack are SMS-sending Trojans which collect personal information and (potentially) steal money.

What is your experience?

We’d love to hear from you guys on the subject of malware; what are your thoughts? Have you found yourself on the receiving end of an attack? What did you do? Or…do you think it’s just all scare tactics driven by companies who stand to profit?


McAfee Labs Predicts 75 Million Unique Malware Samples by End of 2011

SANTA CLARA, Calif. – Nov. 21, 2011 – McAfee today released the McAfee Threats Report: Third Quarter 2011, which showed that the Android mobile operating system solidified its lead as the primary target for new mobile malware. The amount of malware targeted at Android devices jumped nearly 37 percent since last quarter, and puts 2011 on track to be the busiest in mobile and general malware history.  Nearly all new mobile malware in Q3 was targeted at Android.

“This has been a very steady quarter in terms of threats, as both general and mobile malware are more prevalent than ever,” said Vincent Weafer, senior vice president of McAfee Labs. “So far this year, we’ve seen many interesting yet challenging trends that are affecting the threat landscape, including heightened levels of sophistication and high-profile hacktivist attacks.”

2011 Expected to Exceed Malware Estimates

At the end of 2010, McAfee Labs predicted that malware would reach the 70 million unique samples by the end of 2011. Because of the rapid proliferation of malware this year, McAfee Labs has increased this prediction to 75 million unique malware samples reached by year’s end, the busiest in malware history.

Malware authors are capitalizing on the popularity of Android devices, as demonstrated by the fact that the Android platform was the only mobile operating system for all new mobile malware in Q3. One of the most popular forms of trickery in Q3 was SMS-sending Trojans that collect personal information and steal money. Another new method of stealing user information is malware that records phone conversations and forwards them to the attacker.

Commonplace Attacks Holding Steady

Fake Anti-Virus (AV), AutoRun and password-stealing Trojans have bounced back strongly from previous quarters, while AutoRun and passwords stealers remain at relatively constant levels. Mac malware also continues to grow, following a sharp increase in Q2. Although the increase in Q3 was not as significant, McAfee Labs warns that as certain platforms grow in popularity for both consumer and business use, such as the Mac operating system, malware authors will increasingly use theses platforms to target victims.

Web threats are also a common way for attackers to prey on unsuspecting victims. Websites have bad or malicious reputations for a variety of reasons, and are often influenced by the hosting of malware of phishing sites. The number of “bad sites” dropped a bit, from an average of 7,300 new bad sites in Q2 to 6,500 new bad sites in Q3.

Spam and Messaging Threats Differ by Region

While spam still remains at its lowest levels since 2007, spearphishing, or targeted spam, is at its greatest development in years. While not prominent, spearphishing is still highly sophisticated and effective, resulting in an elevated threat level. While overall botnet infections dropped slightly in Q3, they seemed to have shown a significant increase in Argentina, Indonesia, Russia and Venezuela. As for the botnets that were the most damaging, Cutwail, Festi and Lethic lead the pack, while previous frontrunners Grum, Bobax and Maazben declined.

Social engineering is also a lure used in targeted attacks that depend greatly on geography and language. Attackers show remarkable insight into what works in different cultures and regions – not just globally but also seasonally, and can vary by month, season or holiday. In the United States, “Delivery Service Notifications” (or fake error messages) are the most popular, while in the United Kingdom “419 scams” reign supreme. In France, phishing scams dominate, while drug spam is the most popular lure in Russia.

Hacktivism Becomes Less Defined

Hacktivist attacks were primarily launched by Anonymous in Q3. One clear differentiator from past quarters is that the goals were not as abundantly transparent as in previous quarters. The report highlights hacktivist activity from Q3, with at least 10 high-profile attacks at the hands of Anonymous, including attacks against the Arizona Fraternal Order of Police, Booz Allen Hamilton, Bay Area Rapid Transit, Austrian Police and Goldman Sachs.

For more information on trends related to hacktivism, cyberwar, Web threats and malware, please download a full copy of the McAfee Threats Report: Third Quarter 2011 at

About McAfee
McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), is the world’s largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee is relentlessly focused on constantly finding new ways to keep our customers safe.