The report highlights the role of the “dark web” malware industry as a key enabler of the high-profile point-of-sale (POS) attacks and data breaches in the fall of 2013.Thereport explains how increasing ease of purchasing POS malware online, and selling stolen credit card numbers and other personal consumer data online.
McAfee Labs also reported the number of digitally signed malware samples triple over the course of 2013, driven largely by the abuse of automated Content Distribution Networks (CDNs) that wrap malicious binaries within digitally signed, otherwise legitimate installer.
Vincent Weafer, senior vice president for McAfee Labs, said in a statement, “The fourth quarter of 2013 will be remembered as the period when cybercrime became ‘real’ for more people than ever before, These cyber thefts occurred at a time when most people were focused on their holiday shopping and when the industry wanted people to feel secure and confident in their purchases. The impact of these attacks will be felt both at the kitchen table as well as the boardroom table.”
McAfee Labs collected 2.47 million new mobile samples in 2013, with 744,000 in the fourth quarter alone to check mobile malware. Our mobile malware zoo of unique samples grew by an astounding 197 percent from the end of 2012.
The report finds out that there is 52 percent increase in number of new malicious signed applications as compared from the previous quarter. There is clear sign of growth in signed malware samples includes stolen, purchased, or abused certificates, the vast majority of growth is due to dubious CDNs. The McAfee Labs team predict that the growing number of maliciously signed files could create confusion among users and administrators, and even call into question the continued viability of the CA (News - Alert) model for code signing.