McAfee 2009Q1 Threat Report

By: Absolute Team | 5/11/2009

McAfee has released the Q1 threat report for 2009 indicating that cybercriminals have taken over almost 12 million new IP addresses since January, a 50% increase over 2008. The report also indicates a shift in botnet activity, with the US now hosting the largest percentage of botnet-infected computers (80% of all zombie machines - those machines controlled by spammers and others).

Key Findings from the Threat Report:

  • Spam levels are still 30% below their peak levels (due to the November 2008 McColo shutdown), though spam volumes have recovered about 70% so far and are rising (the increase in zombie computers will trend this upward)
  • The US accounts for 35% of global spam output
  • Servers hosting legitimate content have increased in popularity with malware writers as a means for distributing malicious and illegal content.
  • Cybercriminals are increasing their use of URL redirects and Web 2.0 sites to disguise their locations.
  • Compared with the overall landscape, the Conficker worm represents a small subset of all threat reports. AutoRun-based malware is detected in far greater numbers than Conficker so far.

McAfee predicts that social networks will continue to offer attackers a popular means for social-entineering attacks, as we saw in Q1 with the Koobface variants being distributed on Facebook. Among other trends, customizing attacks and using fear tactics are also on the rise.

Download the report here.

Financial Services