McAfee QTR detects 2018 threat activity

McAfee has released its McAfee Labs Threats Report: September 2018, outlining the top security threats of 2018. 

The report found that the total number of ransomware samples has continued to grow, increasing 57% over the past four quarters.

Although the appearance of new ransomware families has slowed overall in recent quarters, McAfee also saw established ransomware families spawn new variants. For instance, McAfee saw a dozen new variants of the Scarab ransomware family appear in the Q2 alone. These newcomers account for more than 50% of the total number of known Scarab variants identified since the family’s appearance in mid-2017.

According to the Quarterly Threat Report, new mobile malware samples increased 27% in Q2. This is the second successive quarter of growth. McAfee customers in South America reported the highest rate of infection, at 14%. Total mobile malware grew 42% in the past four quarters.

A 204% increase in new samples suggests that hackers appear to have shifted to a new generation of JavaScript malware, according to the McAfee Labs report. After decreasing significantly over the last three quarters, JavaScript malware now accounted for more than 7 million new samples, a record high, and up from around 2 million in Q1.

The report found that while PowerShell has been active among fileless malware developers in recent previous quarters, new samples slowed to 15% growth. However, new LNK malware continues to grow, as cybercriminals are increasingly using .lnk shortcuts to surreptitiously deliver malicious PowerShell scripts and other malware. Total samples in the category have increased 489% over the past four quarters.

The QTR also found that the Gamut spam botnet outpaced all others in Q2. Most notably, it pushed high volumes of “Canada Revenue Agency” phishing scams. Notable recent campaigns were related to bogus employment offers that are commonly used as a “money mule” recruitment tactic.

 For more information, visit