Malware Reaches Record Levels: McAfee


Hackers were busy spreading more malware in the first half of this year than any other six-month period on record, according to security software maker McAfee.

The ugly truth was revealed in McAfee's (NYSE: MFE) Q2 2010 Threats Report (PDF format). In the first half of 2010, more than 10 million new pieces of malware were identified by security researchers and more than 6 million were unearthed in the second quarter alone.

The spike in malware in the second quarter was largely the result of a number of major news and popular cultural events that sophisticated malware purveyors latched onto with vigor. Using social engineering tactics designed to appeal to a mass audience interested in events like the FIFA World Cup soccer tournament and around-the-clock coverage of the disastrous oil spill in the Gulf Coast, attackers had numerous opportunities throughout the quarter to push their malicious websites and attachments.

"Cyber criminals are becoming more in tune with what the general public is passionate about from a technology perspective and using it to lure unsuspecting victims," Mike Gallagher, senior vice president and CTO of McAfee's Global Threat Intelligence group, said in the report. "These findings indicate that not only should cybercrime education be more widespread, but that security organizations should move from a reactive to a predictive security strategy."

Spam levels alone, however, actually leveled out in the second quarter, growing only 2.5 percent from the first three months of the year, according to McAfee.

Instead, new and proliferating forms of malware stole the show, with attacks targeting portable storage devices becoming the most prolific strain of malware in the second quarter, McAfee said. Next came fake antivirus software applications and social media come-ons that used popular sites, such as Twitter and Facebook, as their feeding ground.

McAfee estimates that more than 55,000 new variants of malware pop up online every day.

Malware spam -- defined as essentially anything that comes with a virus or Trojan attachment urging you to visit an infected website -- was the most popular in Colombia, India, South Korea, Russia and Vietnam. Argentina had the most variety in spam, with 16 different topic areas, ranging from drugs to lonely women to diplomas, McAfee's report found.

This unpleasant news comes at a time when enterprises are seemingly both more aware and less prepared to deal with an onslaught of new and more deceptive malware tactics.

The tactics aren't limited to traditional cyber criminals, however. High-profile assaults, such as Operation Aurora -- an attack widely seen as having originated in China that infiltrated dozens of U.S. tech companies including Google (NASDAQ: GOOG) and Intel (NASDAQ: INTC) -- not only cost companies a ton of money, but rattled the collective psyche of consumers and CIOs alike.

More than half (54 percent) of 600 IT executives surveyed in a recent McAfee survey said their companies had already suffered a large-scale attack or stealthy infiltration from organized crime gangs, terrorists or nation-states.

The initial estimated cost of downtime associated with a major cyber attack incident is more than $6.3 million a day -- expensive, but only a drop in the bucket compared to the price of losing key intellectual property or having a supply chain or Web site disrupted by strategically placed malware.

"Cyber criminals prosper because they have very little reason to fear the consequences," Jeff Green, senior vice president of McAfee Labs, said in the report. "As security experts, it’s time to take a hard look at what we do, how we do it, and what our ultimate goals are."

"Every time we release a new statistic about the rise in malware, it points to our failure as an industry," he added.

Larry Barrett is a senior editor at, the news service of, the network for technology professionals.

Follow eSecurityPlanet on Twitter @eSecurityP.