McAfee report finds malicious sites nearly double and mobile malware continues to grow

The McAfee Threats Report Q4 2011 has found malware sample results that surpass its 75 million 2011 prediction, an almost doubling of malicious sites, an increase in mobile (particularly Android) malware, rootkits and botnets (Cutwail and Grum), and a decrease in global spam.

The Q4 report reveals that 2011 Malware results surpassed its estimates of 75 million unique samples. Overall growth of PC-based malware declined throughout Q4 2011 while both 2011 and Q4 were by far the busiest periods for mobile malware that McAfee has seen, with Android firmly fixed as the largest target for writers of mobile malware.

Contributing to the rise in malware, but showing a slight deline in Q4, were rootkits, or stealth malware - some of the most sophisticated classifications of malware, designed to evade detection and ‘live’ on a system for a prolonged period. Fake AV dropped considerably from Q3, while AutoRun and password-stealing trojan malware showed modest declines. In sharp contrast to Q2 2011, Mac OS malware remained at very low levels over the last two quarters.

McAfee Labs recorded an average of 6500 new bad sites per day in Q3; this figure increased to 9300 sites in Q4. Approximately one in every 400 URLs were malicious, on average; and at their highest levels, approximately one in every 200 URLs were malicious, bringing the total of active malicious URLs to more than 700,000.

The majority of new malicious sites were found to be located in the US, followed by the Netherlands, Canada, South Korea and Germany. Overall, North America housed the largest amount of servers hosting malicious content (more than 73%), followed by Europe Middle East (more than 17%) and Asia-Pacific (7%).

Global spam dropped at the end of 2011 to its lowest point in years, especially in the UK, Brazil, Argentina and South Korea with current spam and spearphishing found to be highly sophisticated.

Overall, botnet growth rebounded in November and December after falling since August, with Brazil, Columbia, India, Spain and the US seeing significant increases. Germany, Indonesia and Russia declined. Of the botnets, Cutwail proliferates, while Lethic has steadily declined since Q3. Grum made a significant comeback after a long decline, surpassing Bobax and Lethic by the end of Q4.

Reported data breaches via hacking, malware, fraud and insiders has more than doubled since 2009, according to consumer privacy advocate privacyrights.org. The leading network threat in Q4 2011 came via vulnerabilities in Microsoft Windows remote procedure calls. This was followed closely by SQL injection and cross-site scripting attacks.

The McAfee report echoes the findings of the 2011 Q4 AVG Community Powered Threat Report, which also warns of the increasing trend of mobile (particularly Android) malware.

View McAfee’s Threats Report: Fourth Quarter 2011.