McAfee Q2 Threats Report: Malware Spikes 67%, Healthcare, Faceliker Attacks Rise

Raj Samani, McAfee

McAfee’s Q2 Threat Report covers a lot of ground: it assesses malware, ransomware, mobile malware and other threats; tracks the rise of script-based malware; lays out threat hunting best practices; analyzes the WannaCry and NotPetya ransomware; and examines attacks across industries.

What stands out the most? Facebook has become a notable attack vector. That’s not good.

Here’s more bad news:

  • Healthcare accounted for 26 percent of Q2 2017 security incidents.
  • New malware samples were up 67 percent in Q2 to 52 million.
  • Faceliker, which infects a user’s web browser to hijack Facebook ‘likes’ to falsely promote content, accounted for nearly 9 percent of the quarter’s newly detected malware.
  • Mobile malware grew 61 percent in the past four quarters.
  • Global infections of mobile devices rose by 8 percent; Asia climbed by 18 percent.
  • New macro malware rose by 35 percent; new ransomware grew by 54 percent.
  • PowerShell script-based malware increased by 1385 percent over the last two years.

The good news:

  • Mac OS malware growth declined to 4 percent as the adware surge ebbed.
  • McAfee suggests threat hunting best practices.
  • Forewarned is forearmed.

McAfee also dives into malware threats and incidents during Q2:

Security incidents, targets:

  • Publicly disclosed security incidents increased 3 percent to 311 in Q2, of which 78 percent took place in the Americas.
  • The health, public, and education sectors accounted for more than 50 percent of total incidents in 2016-2017 worldwide.

Geographies, sectors:

  • In North America, healthcare sector attacks led vertical sectors in Q2 security incidents in the Americas.
  • In Asia, the public sector led in reported Q2 incidents, followed by financial services and technology.
  • In Europe, the public sector led, followed by entertainment, health, finance, and technology.

Attack vectors, malware types:

  • Account hijacking led disclosed attack vectors, followed by DDoS, leaks, targeted attacks, malware and SQL injections.
  • The total number of malware samples grew by 23 percent in the past four quarters to about 723 million samples.
  • Ransomware samples grew by 47 percent in the past four quarters to 10.7 million samples.
  • Total mobile malware is up 61 percent in the past four quarters to 18.4 million samples.
  • Some 91,000 new mobile malware samples raised the overall count to 1.1 million.
  • The Gamut botnet continues to spam with job-related junk and phony pharmaceuticals. The Necurs botnet was the most disruptive, pushing multiple pump-and-dump stock scams during the quarter.

There’s more: In this blog, McAfee revisits WannaCry and NotPetya. The security provider also examines script-based malware and offers suggestions for threat hunters. For some more perspective, here’s what two McAfee executives had to say about malware:

On WannaCry and NotPetya: “We now live in a world in which the motive behind ransomware includes more than simply making money, welcome to the world of pseudo-ransomware.” — Raj Samani, McAfee chief scientist.

On threat hunting: “One underlying assumption is that, at every moment, there is at least one compromised system on the network, an attack that has managed to evade the organization’s preventive security measures.” — Ismael Valenzuela, McAfee threat hunting, security principal engineer.
