Skip to main content

McAfee report sees ransomeware surge, praises Adobe for its response

ransomware hospital hackers demand more money ransomeware
Brian A Jackson/Shutterstock
Adobe has become a “gold standard” for responding to vulnerabilities, according to the latest McAfee Labs Threat Report, with the company patching most threats within one day.

In Q1 2015, 42 new Adobe Flash vulnerabilities were submitted to the National Vulnerability Database, and within 24 hours, Adobe patched them all, says McAfee Labs.

Adobe Flash vulnerabilities have always been common, but in Q1, new Adobe Flash malware grew a staggering 317 percent, from 47,000 samples in late 2014 to 200,000 now. McAfee Labs’ report says that cybercriminals have moved away from Java and Microsoft Silverlight vulnerabilities in favor of exploiting un-patched Adobe Flash vulnerabilities, but the company has responded accordingly, says the report’s authors.

“When we look at how quickly some organizations take to patch things, actually you’re getting a complete plethora of responses. I mean in certain cases we’ve actually seen where organizations haven’t even responded to security researchers when they’ve identified vulnerabilities in their platforms,” Raj Samani, EMEA CTO at McAfee, tells Digital Trends.

“If we look at the number of targeted attacks going after say Adobe, and specifically Flash vulnerabilities, the reality is with what we said with the gold standard, it really is that,” he says. “There’s a whole multitude of different kinds of responses but certainly Adobe appears to be way ahead of everybody else.”

Other companies were praised for offering attractive bug bounty programs in the face of a burgeoning market for zero days on the dark web, where vendors are selling off research from the security industry and making potential profits. “Are the bug bounties going to be anywhere near what someone can sell a zero day for? At the moment it doesn’t appear to be,” adds Samani. “We’re seeing certain organizations taking a very responsible approach regarding paying researchers, recognizing researchers, and I think it’s important to do that.”

Despite certain companies patching their software as swiftly as possible, there is still a culture of poor responses in the industry. “There’s a multitude of horror stories out there,” says Samani.

Intel Security's Raj Samani
Intel Security’s Raj Samani Security & Defence Agenda/Flickr

The report adds that overall there’s been a huge growth in malware, especially ransomware, with a couple of high-profile new samples hitting the scene. Ransomware grew 165 percent in the first quarter of 2015. The report credits this to the rise of major new ransomware families, CTB-Locker and Teslacrypt, along with updated versions of older strains like CryptoWall and TorrentLocker.

Ransomware has grown in popularity as people have become more amendable to paying, explains Samani, and its authors are more likely to target victims in richer countries. “The returns are really, really good,” he says. “If you’re looking at the specific threat actor being involved in cybercrime, their motive is to make money, then ransomware is a pretty profitable approach for them.”

CTB-Locker was one of the prevalent samples in the quarter. CTB stands for Curve, Tor, Bitcoin, with curve referring to the malware’s cryptography based on elliptical curves while the attacker’s control servers are placed on Tor and the ransom is listed in Bitcoin. The report anticipates that ransomware samples like this will continue to grow in the future.

McAfee Labs found that most other threats are either on the rise or holding steady from the previous report. The number of new mobile malware samples soared by 49 percent from Q4 2014 to Q1 2015.

“The number of total malware samples we’ve currently got in our zoo has hit 400 million. The total number of threats that we’re seeing are 362 per minute, which is about six every second,” explains Samani. “Basically what that means is within our malware zoo, we’ve now just hit the 400 million figure. That’s a 13 percent increase from Q4 2014 to Q1 2015.”

Editors' Recommendations

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
John McAfee’s ‘hack-proof’ phone secures the hardware — but what about the software?
john mcafee hack proof phone

Digital security is a serious concern these days, and it seems like every week we hear of another vulnerability available to hackers who might want to gain access to your phone. Well folks, John McAfee thinks he has the solution, and has finally unveiled the plans for the "most hack-proof phone" ever.

The device is called the McAfee Privacy Phone, and it comes at a cost of $1,100. It was created in partnership with cybersecurity firm MGT and boasts a physical switch that allows the user to disconnect the battery, Wi-Fi and Bluetooth antennas, the camera, and the microphone.

Read more
Intel breaks out cybersecurity division McAfee as an independent company
8th gen intel core launch building 01

Intel is spinning out McAfee, the security software division it acquired in 2011, in a deal that values the company at $4.2 billion.

Intel is selling 51 percent of its stake to TPG, a private equity firm. TPG will also be investing $1.1 billion into McAfee, which will now be independent of Intel but the chipmaker will retain a 49 percent stake and get $3.1 billion in cash.

Read more
New 'El Gato' Android ransomware may sound cute, but it packs a punch
el gato android ransomware cat

A killer software cat may be coming for your text messages, according to a threat report by McAfee Labs Mobile Malware Research team. It's been dubbed "El Gato" -- "The Cat," in Spanish -- because the Android malware's code contains, of all things, an image of a yowling tabby.

McAfee discovered an instance of El Gato running on a compromised server, but noted that it appeared inert -- it wasn't password protected, and "included code words such as MyDifficultPassw." 

Read more