<< Back to article Print this page Loading page, please wait...

Mobile malware grows as spam takes a dive: Security experts

Over 55,000 pieces of new malware created every day say vendors

Hamish Barwick (Computerworld)
15 February, 2011 02:00

Security software providers, M86 and McAfee, have warned companies not to be complacent in the face of increased mobile malware, as two new reports reveal mobile malware is on the rise while spam emails are declining.

McAfee Asia Pacific chief technology officer, Michael Sentonas, said that new mobile malware has increased by 46 per cent since 2009 and 55,000 new malware threats are emerging every day.

“We are seeing a drastic shift in the diversity of global malware,” he said in a statement. “Cyber criminals are now tapping into worldwide trends – targeting users based on specific geographies and certain devices that they use.

“We see the direct correlation between device popularity and cybercriminal activity, a trend we expect to surge in 2011.”

Both security providers found that in the fourth quarter of 2010, spam levels fell due to the closure of some widely used programs such as Spamit.com.

“Spam hitting its lowest levels can be attributed to a transition period with several botnets growing dormant during a time of year when spam volumes are usually on an upward path,” the McAfee report read.

Around the Christmas holiday period, spam from botnets Lethic, Xarvester and Rustock disappeared, with the latter typically sending out 44.1 billion spams per day but that volume suddenly dropped on 25 December to about 500 million per day.

However, although traditional forms of spamming may be down, M86 vice president of technical strategy, Bradley Anstis, said social networking spam is on the rise.

“For example, The LinkedIn scam has a legitimate look and feel, inviting users to connect with others in their network, only to be connected with the Phoenix exploit infection page, which tries to exploit the victims’ computer,” he said in a statement.

This scam worked in the same manner as the Facebook phishing email scam, which resembled genuine friend requests and invited potential victims to join the social networking site.

In addition, Anstis said patched vulnerabilities are continuing to be used for malicious gain.

“Organisations and individuals must get better at updating their applications and staying ahead of attacks on their devices and networks,” he said.

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow Computerworld Australia on Twitter: @ComputerworldAU