Q2 Threats Report Released–It’s All About Botnets and Spam
Tuesday July 28, 2009 at 8:52 pm CST
Posted by David Marcus
Today we released our Q2 Threats Report. Some old trends have continued. Some new trends and threats have been established, and some old “friends” have even outdone themselves. Spam volumes have increased 141 percent since March, continuing the longest ever streak of increasing spam volumes. We also highlight the dramatic expansion of botnets and the threat from AutoRun malware.
More than 14 million computers have been enslaved by cybercriminal botnets, a 16 percent increase over last quarter’s rise. The report confirmed our first-quarter prediction that the surge in botnet growth would send spam levels to new heights, surpassing their previous peak in October 2008 before the takedown of the spam-hosting ISP McColo.
Our researchers also found that over the course of 30 days AutoRun malware had troubled more than 27 million files. AutoRun malware, which exploits Windows’ AutoRun capabilities, does not require any user clicks to activate, and is most often spread through portable USB and storage devices. The rate of detection surpasses even that of the infamous Conficker worm by 400 percent, making AutoRun one of the most prevalent pieces of malware in the world.
Some of the other areas we cover and discuss:
Cybercrime as a Service
As the number of botnets continues to grow, malware writers have begun to offer malicious software as a service to those who control these bots. By exchanging or selling resources, cybercriminals distribute new malware to wider audiences instantaneously. Programs like Zeus–an easy-to-use Trojan creation tool–continue to make the creation and management of malware even easier.
Cybercriminals Target Twitter, Social Networks
Twitter’s growth in popularity has made it a new target for cybercriminals in the last three months. Malware like the “Mikeey” worm and new variations of the Koobface Trojan attack users through tweets and abbreviated URLs. Spam Twitter accounts are becoming increasingly prevalent. Twitter administrative accounts have also been hacked on multiple occasions, giving cybercriminals access to the private accounts of celebrities and politicians, such as Britney Spears and Barack Obama and even allowing for the publication of sensitive internal strategy documents on the Web. Facebook and MySpace remain strong attack vectors for cybercriminals. In May, spam messages on social networks pointed users to more than 4,000 new Koobface binaries!
To view the McAfee Q2 Threats Report, go here.
August 20th, 2009 at 10:47
[...] McAfee has released the Q2 Threat Report for 2009, which indicates that spam volumes have gone up by 141% since March, making this the “longest ever streak of increasing spam volumes” on record. The Q1 threat report, discussed here, indicated that cybercriminals had taken over almost 12 million new IP addresses (zombies) since January, a 50% increase over 2008. This record has now been broken: Q2 set a new record for zombie computers levels, at nearly 14 million. [...]