Topic: McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011

[Pez]

Today we released our Fourth Quarter 2011 Threat Report, revealing that malware surpassed the our estimate of 75 million unique malware samples last year. Although the release of new malware slowed a bit in Q4, mobile malware continued to increase and recorded its busiest year to date.

Malware

The overall growth of PC-based malware actually declined throughout Q4 2011, and is significantly lower than Q4 2010. The cumulative number of unique malware samples in the collection still exceeds the 75 million mark. In total, both 2011 and the fourth quarter were by far the busiest periods for mobile malware that McAfee has seen yet, with Android firmly fixed as the largest target for writers of mobile malware.

Contributing to the rise in malware were rootkits, or stealth malware. Though rootkits are some of the most sophisticated classifications of malware, designed to evade detection and “live” on a system for a prolonged period, they showed a slight decline in Q4. Fake AV dropped considerably from Q3, while AutoRun and password-stealing Trojan malware show modest declines. In a sharp contrast to Q2 2011, Mac OS malware has remained at very low levels the last two quarters.

Web Threats

In the third quarter McAfee Labs recorded an average of 6,500 new bad sites per day; this figure shot up to 9,300 sites in Q4. Approximately one in every 400 URLs were malicious on average, and at their highest levels, approximately one in every 200 URLs were malicious. This brings the total of active malicious URLs to more than 700,000.
The vast majority of new malicious sites are located in the United States, followed by the Netherlands, Canada, South Korea and Germany. Overall, North America housed the largest amount of servers hosting malicious content, at more than 73 percent, followed by Europe-Middle East at more than 17 percent and Asia Pacific at 7 percent.
Spam

At the end of 2011, global spam reached its lowest point in years, especially in areas such as the United Kingdom, Brazil, Argentina and South Korea. Despite the drop in global levels, McAfee Labs found that the present spearphishing and spam are highly sophisticated.

Overall botnet growth rebounded in November and December after falling since August, with Brazil, Columbia, India, Spain and the United States all seeing significant increases. Germany, Indonesia and Russia declined. Of the botnets, Cutwail continues to reign supreme, while Lethic has been on a steady decline since last quarter. Grum made a significant comeback after a long decline, surpassing Bobax and Lethic by the end of Q4.

Data Breaches

The number of reports of data breaches via hacking, malware, fraud and insiders more than doubled since 2009, according to privacyrights.org, with more than 40 breaches publicly reported this quarter alone. The leading network threat this quarter came via vulnerabilities in Microsoft Windows remote procedure calls. This was followed closely by SQL injection and cross-site scripting attacks. These remote attacks can be launched at selected targets around the globe.

Download McAfee’s Threats Report: Fourth Quarter 2011.


Orginal article: Tuesday, February 21, 2012 at 12:24pm by David Marcus

[Samker]

I found this info very interesting (screenshot is from report):



North America 73,3% , I was expected Asia on first place (because of China & Russia)...

[Pez]

I suppose that China is a bit blooked due to the regim and that the most servers is some how under the goverment's restrictions. So ther is not so many free servers ther. Also that the language bariare and the letters is different and on that way ther is more narrow in use of ther computers (nor so match outside China).
Regardign Russia it can be some of the same kind as China. But thay are probebly not so match out in the westen world if thay are not living in one of the big town's. Due to this ther is also more intrested to use ther own language. Thay are probebly not in the westen world due to so many out in the cuntry don't have so mach interest what happens outside. This due to the old time and miss trust for som of the westen world's informatio or miss information in ther view. 
 

[Samker]

That is logical explanation, but these two reports from F-Secure & Bitdefender shows that "The most important producers of malware are China and Russia with 31.30 and 21.88 percent, respectively." and on third place is Brasil - "Ranking third, Brazil only accounts for about 8.40 percent of the globally-produced malware". etc.

BitDefender: http://www.bitdefender.com/media/materials/e-threats/ro/H1_2011_E-Threats_Landscape_Report.pdf

F-Secure: http://www.cse.tkk.fi/fi/opinnot/T-110.6220/2011_Spring_Malware_Analysis_and_Antivirus_Technologies/luennot-files/Mobile%20Malware%20And%20Monetizing%20HUT.pdf

"Opposite" results?