Ransomware Rises 127% from Q2 2014 to Q2 2015

McAfee Labs report analyses the last five years’ threat landscape, top cyber criminal exfiltration techniques, and other developments in the security space.

If you have enabled featured post on single post page option, the featured image shows at top of every post automatically. You may check this box to disable that image for certain posts.…[/caption]

Intel Security has released its McAfee Labs Threats Report: August 2015, which includes a critique of graphics processing unit (GPU) malware claims, an investigation of the top cybercriminal exfiltration techniques, and a five-year retrospective on the evolution of the threat landscape since Intel Corporation’s announcement of the McAfee acquisition.

The five-year threat landscape analysis suggests:

  • Intel Security foresaw threats targeting hardware and firmware components and threatening runtime integrity. · Increasingly evasive malware and long-running attacks did not surprise us but some of the specific tactics and techniques were unimagined five years ago.
  • Although the volume of mobile devices has increased even faster than we expected, serious broad-based attacks on those devices has grown much more slowly than we thought.
  • We are seeing just the beginnings of attacks and breaches against IoT devices. · Cloud adoption has changed the nature of some attacks, as devices are attacked not for the small amount of data that they store, but as a path to where the important data resides.
  • Cybercrime has grown into a full-fledged industry with suppliers, markets, service providers, financing, trading systems, and a proliferation of business models.
  • Businesses and consumers still do not pay sufficient attention to updates, patches, password security, security alerts, default configurations, and other easy but critical ways to secure cyber and physical assets.
  • The discovery and exploitation of core Internet vulnerabilities has demonstrated how some foundational technologies are underfunded and understaffed.
  • There is growing, positive collaboration between the security industry, academia, law enforcement, and governments to take down cyber criminal operations.

The August report also probes into the details of three proofs-of-concept (PoC) for malware exploiting GPUs in attacks. While nearly all of today’s malware is designed to run from main system memory on the central processing unit (CPU), these PoCs leverage the efficiencies of these specialized hardware components designed to accelerate the creation of images for output to a display. The scenarios suggest hackers will attempt to leverage GPUs for their raw processing power, using them to evade traditional malware defenses by running code and storing data where traditional defenses do not normally watch for malicious code.

Reviewing the PoCs, Intel Security agrees that moving portions of malicious code off of the CPU and host memory reduces the detection surface for host-based defenses. However, researchers argue that, at a minimum, trace elements of malicious activity remain in memory or CPUs, allowing endpoint security products to detect and remediate threats.

The August 2015 report also identified a number of other developments in the second quarter of 2015:

  • Ransomware. Ransomware continues to grow very rapidly – with the number of new ransomware samples rising 58% in Q2. The total number of ransomware samples grew 127% from Q2 2014 to Q2 2015. We attribute the increase to fast-growing new families such as CTB-Locker, CryptoWall, and others.
  • Mobile slump. The total number of mobile malware samples grew 17% in Q2. But mobile malware infection rates declined about 1% per region this quarter, with the exception of North America, which dropped almost 4%, and Africa, which was unchanged.
  • Spam botnets. The trend of decreasing botnet-generated spam volume continued through Q2, as the Kelihos botnet remained inactive. Slenfbot again claims the top rank, followed closely by Gamut, with Cutwail rounding out the top three.
  • Suspect URLs. Every hour in Q2 more than 6.7 million attempts were made to entice McAfee customers into connecting to risky URLs via emails, browser searches, etc.
  • Infected files. Every hour in Q2 more than 19.2 million infected files were exposed to McAfee customers’ networks.
  • PUPs up. Every hour in Q2 an additional 7 million potentially unwanted programs (PUPs) attempted installation or launch on McAfee-protected networks.


Tags assigned to this article:
cybercrime intel security mcafee

Advertisement

Around The World