The number of new mobile malware threats has been steadily increasing, from around 600 in the first quarter of 2009 to close to 1,000 in the fourth quarter of 2010. The most targeted mobile platform was the Symbian OS used on Nokia smartphones, according to the McAfee Labs report.
In the fourth quarter, a Zeus mobile variant targeting the Symbian OS platform, SymbOS/Zitmo.A, emerged. The malware is designed to capture financial mobile transaction authentication numbers on mobile devices.
In addition, McAfee saw the emergence of malware targeting the Android platform, Android/Gemini. This malware is inserted into legitimate mobile applications and games for the Android platform. This trojan tries to appear as a legitimate application by using a key to sign the application.
Dave Marcus, director of security research and communications at McAfee Labs, told Infosecurity: “There has been huge growth in mobile threats in the quarter….This says a lot about what’s going to happen in 2011 and 2012. We are going to see lots of mobile threats, whether it is Android, iPad, or iPhone.”
At the same time that mobile malware was on the rise, spam volumes dropped in the fourth quarter to the lowest point since the first quarter of 2007. McAfee attributed this to the take down of the Bredolab botnet.
But Marcus thinks it will only be a matter of months before spam volumes return to normal. “We expect the spam volume to rebound because once you take a botnet offline, the botnet will eventually get reseeded. The people who run the botnet will start reseeding their bots on other machines. So, unfortunately, that it is the way it goes."
In addition, there was a “huge growth” in all types of malware in the quarter. “We are seeing well over 55,000 new pieces of malware on a daily basis. The number is just gigantic”, Marcus said. “The automation and sophistication of malware production make it fairly straightforward for the bad guys…to pump out huge volumes of malware”, he added.
In addition, McAfee found that malicious PDFs targeting Adobe Acrobat were the “favorite target of client-side exploitation” in 2010. This trend is expected to continue as more mobile devices and non-Microsoft operating systems support Adobe technologies.
Adobe malware is “outstripping the vulnerabilities and the attacks against Microsoft by 100 to 1. So the bad guys are really focusing on using Adobe technologies as a way to get malware onto the machines”, Marcus said. The popularity of Adobe is “putting it in the cross-hairs of the malware writers and the cybercriminals”, he added.