June 9, 2015
Intel Security today released its McAfee Labs Threats Report: May 2015, which includes revelations on the rapid proliferation of new ransomware, HDD and SSD firmware attacks by the Equation Group computer espionage group, and a major increase in malware targeting Adobe Flash multimedia software.
In the first quarter of 2015, McAfee Labs said it registered a 165% increase in new ransomware driven largely by the new, hard-to-detect CTB-Locker ransomware family, a new ransomware family called Teslacrypt, and the emergence of new versions of CryptoWall, TorrentLocker, and BandarChor.
McAfee Labs attributes CTB-Locker’s success to clever techniques for evading security software, higher-quality phishing emails, and an “affiliate” program that offers accomplices a percentage of ransom payments in return for flooding cyberspace with CTB-Locker phishing messages.
It recommended that “organizations and individuals make it a priority to learn how to recognize phishing emails.
The first quarter also saw new Adobe Flash malware samples increase by 317%. Researchers attribute the rise to several factors: the popularity of Adobe Flash as a technology; user delay in applying available Adobe Flash patches; new methods to exploit product vulnerabilities; a steep increase in the number of mobile devices that can play Adobe Flash files (.swf); and the difficulty of detecting some Adobe Flash exploits. Researchers are seeing a continued shift in focus among exploit kit developers, from Java archive and Microsoft Silverlight vulnerabilities to Adobe Flash vulnerabilities.
“With the popularity of a product like Flash, there comes a tremendous responsibility to proactively identify and mitigate security issues potentially threatening millions of users,” said Vincent Weafer, senior vice president of McAfee Labs.
The report also identified a number of other developments including:
An interview with Chris Young, head of Intel Security, who spoke at an event in Toronto today, will appear in the next issue of Connections+.