November 17, 2010, 2:03 PM — McAfee today revealed its McAfee Threat Report for the third quarter of 2010. Information like that provided by McAfee in these quarterly reports is valuable for IT admins--enabling them to keep a finger on the pulse of malware, and to stay in touch with emerging attack techniques and trends.
With the holiday shopping season upon us, cyber criminals will be pulling out all the stops and shifting into high gear to capitalize on the spike in online transactions and part naïve or gullible users from both their personal information and their money. Businesses and consumers both need to be on high alert and take a more proactive stance to guard against attacks.
A McAfee press release about the McAfee Threat Report states, "average daily malware growth has reached its highest levels, with an average of 60,000 new pieces of malware identified per day, almost quadrupling since 2007," adding, "At the same time, spam levels decreased in volume this quarter, both globally and in local geographies. Spam hit a two year low this quarter while malware continued to soar."
McAfee warns that, "Most recently, cybercriminals unleashed a Zeus botnet that is aimed at mobile devices and designed to intercept SMS messages to validate transactions. As a result, the criminal can perform all bank transactions, stealing funds from unsuspecting victims. McAfee also saw an increase in email campaigns attempting to deliver the Zeus botnet, under the disguise of the following recognized organization names: eFAX, FedEx, Internal Revenue Service, Social Security Administration, United States Postal Service and Western Union."
This report looks in-depth at the Stuxnet worm, which appears to have been crafted specifically to target the nuclear facility capabilities of Iran. More relevant to most IT admins, though, are the findings and analysis of social engineering attacks, and the potential risks associated with social networking.