Mobile malware continued its steady rise in the second quarter of 2012, targeting mainly Android devices, according to the latest threat analysis provided by McAfee.
Mobile malware is certainly not proof-of-concept or early code.
The growth of mobile malware in 2012 has been "unprecedented," McAfee said with more than 13,000 mobile malware samples collected and analyzed by the security giant compared to less than 2,000 in 2012. The "McAfee Threats Report Q2 2012," (.pdf) highlighted the emergence of drive-by downloads targeting Android users, a Trojan that corrupts photos on an Secure Digital (SD) memory card, and a new botnet client that uses an Android device and a Twitter client to communicate commands.
"Mobile malware is certainly not proof-of-concept or early code," McAfee noted in its report. "It is fully functional and mature, and mobile malware writers know what they are looking for: consumer and business data."
The sharp increase in mobile malware documented by McAfee may be partially attributed to its focus on the Android platform. In January, it launched Android endpoint security software. Earlier this year, the company also joined other security vendors, launching a mobile app designed to protect Android devices. Security experts have been noting the increased threat to mobile devices as they become used for banking and other sensitive transactions. The threat is being taken seriously at enterprises. Many IT professionals indicated in a recent SearchSecurity.com enterprise mobility survey that addressing the threats posed by mobile device use in the workplace is a rising priority.
Still, mobile malware remains a tiny fraction of the malware collected by McAfee. The security vendor said its database contains more than 90 million samples and is on track to reach more than 100 million samples before the end of the year.
McAfee said it saw a slight increase in rootkits, with the Koutodoor Trojan showing "tremendous growth. Koutodoor,(.pdf) first detected in 2007, installs a rootkit, modifies registry values and attempts to remain undetected, giving the attacker administrator privileges to the victim's machine. The TDSS and ZeroAccess rootkits declined slightly, but continue to infect machines globally.
"Rootkits, or stealth malware, are one of the nastiest classifications of malware we see; they have a heavy influence on almost all other areas of malware," McAfee said. "They are designed to evade detection and 'live' on a system for a prolonged period."
Rogue antivirus, password stealing Trojans and ransomware also continues to be a problem.