Malware attacks on the rise

  @DavidGoldmanCNN September 4, 2012: 8:01 AM ET
cyberattack

Cyberattacks through malware are growing at their fastest pace in four years.

NEW YORK (CNNMoney)

The bad guys are winning the war on cybercrime: Computer viruses, trojans and web attacks are soaring at their fastest pace in four years.

In its quarterly "Threats Report," Intel (INTC, Fortune 500) subsidiary McAfee said that it had found more than 8 million new kinds of malware in the second quarter, up 23% from the first quarter. There are now more than 90 million unique strands of malware in the wild, the security company said.

Microsoft (MSFT, Fortune 500) Windows PCs remain by far the largest targets for malicious cyberattacks, but hackers are targeting other devices too, including Apple Macintosh computers and mobile phones.

"Attacks that we've traditionally seen on PCs are now making their way to other devices," said Vincent Weafer, head of McAfee Labs. "This report highlights the need for protection on all devices that may be used to access the Internet."

Apple (AAPL, Fortune 500) got a wake-up call in the second quarter. The company had advertised that Macs didn't get viruses, but a virus called "Flashback" changed all that. The scary piece of malware, which infected hundreds of thousands of Macintosh computers, looked like a normal Adobe (ADBE) Flash browser plug-in but stole thousands of usernames and passwords.

As Macintosh grows its PC market share -- it is now the third-largest computer platform in the United States -- hackers have increasingly targeted Apple computers. This summer, the company scaled back its security claims.

Related: Cyberweapon targets Middle East accounts

Google (GOOG, Fortune 500) is also a growing recipient of attacks. The company's mobile Android software is the target of virtually all new mobile malware -- viruses that are soaring in number. So far, McAfee has found about 13,000 different kinds of mobile malware this year, compared to fewer than 2,000 in 2011.

"Android malware shows no signs of slowing down, putting users on high alert," the company said.

New kinds of attacks include sending spam text messages, commandeering a phone for use in massive botnets, holding a phone hostage in exchange for ransom, and attacking a phone in a "mobile drive-by."

How hackers can steal your debit card info

"Ransomware" -- a popular tool for cybercriminals a decade ago -- is fashionable again on smartphones. After a user inadvertently downloads a piece of ransomware, the virus take control of the user's device and data, relinquishing it only if the user pays money to the attacker.

After years of ransomware dormancy, the attack method has grown rapidly in recent months. The second quarter was the biggest ever for new kinds of ransomware.

Related: Lying 'social engineer' hacks Wal-Mart

"Drive-by" downloads are another old form of PC attack that has been recently repurposed for smartphones. They're called "drive-by" because attackers break into websites and infect all users who visit them. McAfee said it found its first instances of mobile drive-by downloads in the second quarter -- attackers dropping malware on your phone when you visit an infected site.

"A victim still needs to install the downloaded malware, but when an attacker names the file 'Android System Update 4.0.apk,' most suspicions vanish," the report said.

Even Twitter has become a tool for attacks from botnets -- large collectives of infected PCs and phones that do the bidding of the attacker. Instead of connecting to all the infected devices via a Web server, cybercriminals are increasingly building viruses that are trained to search for commands from specific Twitter accounts. Using Twitter means attackers no longer have to buy an expensive Web server or go through the trouble of stealing one. To top of page



Join the Conversation

Market indexes are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer LIBOR Warning: Neither BBA Enterprises Limited, nor the BBA LIBOR Contributor Banks, nor Reuters, can be held liable for any irregularity or inaccuracy of BBA LIBOR. Disclaimer. Morningstar: © 2014 Morningstar, Inc. All Rights Reserved. Disclaimer The Dow Jones IndexesSM are proprietary to and distributed by Dow Jones & Company, Inc. and have been licensed for use. All content of the Dow Jones IndexesSM © 2014 is proprietary to Dow Jones & Company, Inc. Chicago Mercantile Association. The market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. FactSet Research Systems Inc. 2014. All rights reserved. Most stock quote data provided by BATS.