New Threats Seen Subverting Digital Signature Validation

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next New Threats Seen Subverting Digital Signature Validation-2 Next

Digitally signed malware samples increased 50 percent, to more than 1.5 million new samples. McAfee Labs also revealed the top 50 certificates used to sign malicious payloads. This growing threat calls into question the validity of digital certificates as a trust mechanism.

McAfee Labs recently released the "McAfee Labs Threats Report: Third Quarter 2013," which found new efforts to circumvent digital signature app validation on both PCs and Android-based devices. The McAfee Labs team identified a new family of mobile malware that allows an attacker to bypass the digital signature validation of apps on Android devices, which contributed to a 30 percent increase in Android-based malware. At the same time, traditional malware signed with digital signatures grew by 50 percent to more than 1.5 million samples. Less surprising but no less daunting was a 125 percent increase in spam.

“The efforts to bypass code validation on mobile devices, and commandeer it altogether on PCs, both represent attempts to circumvent trust mechanisms upon which our digital ecosystems rely,” said Vincent Weafer, senior vice president of McAfee Labs. “The industry must work harder to ensure the integrity of these technologies given they are becoming more pervasive in every aspect of our daily lives.”

The third quarter also saw notable events in the use of Bitcoin for illicit activities such as the purchase of drugs, weapons, and other illegal goods on websites such as Silk Road. The growing presence of Bitcoin-mining malware reinforced the increasing popularity of the currency.

Weafer continued: “As these currencies become further integrated into our global financial system, their stability and safety will require both financial monetary controls and oversight, and the security measures our industry provides.”

Leveraging data from the McAfee Global Threat Intelligence (GTI) network, the McAfee Labs team identified the following trends in Q3 2013.

 

Related Topics : Unisys, Stimulus Package, Security Breaches, Symantec, Electronic Surveillance

 
More Slideshows

BitSightRansomware0x Ransomware: The Rising Face of Cybercrime

Ransomware is a legitimate threat, with estimates from the U.S. Department of Justice showing that over 4,000 of these attacks have occurred every day since the beginning of the year. ...  More >>

Security121-190x128 5 Ways CFOs Can Implement an Effective Cybersecurity Strategy

While cybersecurity concerns are widespread, finance remains one of the most vulnerable areas for malicious attacks. ...  More >>

infra100-190x128 Top 10 Strategic Technology Trends for 2017

Here are the top 10 strategic technology trends that will impact most organizations in 2017. Strategic technology trends are defined as those with substantial disruptive potential or those reaching the tipping point over the next five years. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.