Mobile Malware On The Move, McAfee Report Says

The number of new malware samples hit 75 million worldwide last year even as PC malware counts declined, with mobile malware rapidly emerging, according to new data from McAfee Adam Wosotowsky, McAfee, senior anti-spam research analyst and an author of McAfee's new Fourth Quarter 2011 Threat Report, says there was a significant uptick in mobile malware -- mostly for Android platforms -- between the third and fourth quarters of last year. "We saw the rate of increase in mobile malware really take off compared with [the period] before," Wosotowsky says.

Mobile malware hit more than 400 unique samples in Q4, up from over 100 in the third quarter, and less than 50 samples in the first quarter of last year. McAfee also found that PC malware counts declined during Q4, and were lower than in Q4 of 2010. Even so, the total number of unique malware samples is more than 75 million as of Q4, the report says.

"I expected mobile malware to increase, but I didn't expect to see mobile malware shoot up like it did," Wosotowsky says. "I was really expecting to see that when they start porting SpyEye and Zeus to" mobile platforms at some point, he says.

Wosotowsky says McAfee also saw a shift in how the bad guys are deploying malware. "They are moving to a persistent model, where they are trying to get into corporations and steal intellectual property, more money, and to maintain the infection for a long period of time,' he says. "At the same time, it's important to note that's because so malware and Trojans under SpyEye now have that capability ... and botmasters can give control of an infected machine to another botmaster" who wants access to a particular organization, he says.

Rootkits dipped slightly in Q4, while Autorun and password-stealing Trojans decreased slightly.

There was an average of 9,300 malicious websites per day in Q4, up from 6,500 in Q3, according to McAfee. On average, one in every 400 URLs was malicious, and the total number of active malicious websites is more than 700,000. The U.S. hosts the most new malicious URLs, followed by the Netherlands, Canada, South Korea, and Germany. North America is home to more than 73 percent of servers hosting malicious content.

McAfee says attacks on Windows remote procedure calls was the number one threat in Q4, followed by SQL injection and cross-site scripting attacks.

The full report is available here< /a> (PDF). Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.