Ransomware Soars 127% But Mobile Threat is Muted: McAfee Labs

Ransomware levels have soared by more than 120% over the past year as hackers grow ever more determined and attacks are carried out on an industrial scale, according to Intel Security.

The firm’s McAfee Labs Threats Report August 2015 marks five years since the chip giant first signaled its intent to acquire the security giant.

It revealed that the number of new ransomware samples rose 58% from the first three months of the year to Q2 2015, while the year-on-year increase reached 127%.

The rise is attributed to fast-growing malware families including CTB-Locker and Cryptowall. Virtual currencies like Bitcoin and anonymizing networks such as Tor have helped the cyber-criminals stay hidden from law enforcement – “making it commercially viable and spurring unexpectedly high growth.”

The report continued:

“Another indicator of cybercrime business maturity has been the drop in technical skills required to participate in the industry. Off-the-shelf toolkits for malware, affiliate programs for ransomware, fill-in-the-blank attack-creation programs, and other familiar business offerings have been showing up in the dark web to support faster, simpler and broader distribution of attacks. It now takes very little skill to be a cyber-criminal.”

Other notable Q2 stats in the report include 6.7 million attempts every hour to trick Intel Security customers into connecting to “risky” URLs.

In addition, every hour more than 19.2 million infected files were exposed to customers’ networks, while seven million Potentially Unwanted Programs (PUPs) attempted to install or launch.

But it wasn’t all bad news. Although the number of mobile malware samples grew 17% in Q2, mobile malware infection rates dropped around 1% during the quarter, and 4% in North America, McAfee Labs said.

In fact, the firm’s EMEA CTO, Raj Samani, admitted that despite surging growth in the number of devices on the market, most new malware samples discovered over the past year have had a relatively low impact.

“One main factor to consider is that the ROI associated with attacks against traditional devices is so high – especially considering ransomware – and simple to implement that the wholesale migration hasn’t occurred,” he told Infosecurity by email.

There are still risks in the mobile channel, however, as evidenced by revelations this week of a new iOS malware family targeting jailbroken Apple devices.

KeyRaider has already compromised 225,000 accounts, hitting some with ransomware and making unauthorized app purchases on others.

“At the moment, automatic backup capabilities make it relatively easy to clean and recover mobile devices if they fall into the wrong hands, but this will become more difficult as criminals move towards attacking cloud-based backups,” Samani argued.

“Serious threats to mobile device security may not have increased as quickly as initially foreseen but mobile malware is becoming steadily more advanced. Criminals are investing significant sums of money to find new attack methods which enable them to avoid traditional security controls. Mobile malware is no different.”
