As a supplement to the latest McAfee Labs Threats Report, published this week, we offer this timeline of leading threats that made news in the fourth quarter of 2013.
- October 3: Adobe reports personal information relating to customer orders has been accessed in an attack on the company’s systems.[1] The total amounts to 152 million records, including names, customer IDs, encrypted passwords, encrypted debit or credit card numbers with expiration dates, and source code, according to DataLossDB.[2]
- October 7: McAfee Labs announces criminal activities around the Quarian backdoor, which targets government agencies and embassies around the world, including the United States.[3]
- October 18: McAfee Labs researchers discover a targeted attack using a technique that ensures the malware can run only on the targeted computer by using its IP address as a decryption key.[4]
- October 31: McAfee Labs discovers a suspicious sample targeting a Microsoft Office vulnerability.[5] McAfee Labs confirms this is a zero-day attack and immediately shares its findings with the Microsoft Security Response Center, which on November 5 issues a warning about a previously unknown security vulnerability in a Microsoft graphics component. The attack, which exploits CVE-2013-3906, downloads an executable, a RAR SFX containing another executable and a fake Word document. (For details, see page 6 of the McAfee Labs Threats Report.)
- November 5: Android/HackDrive: McAfee sends an alert on mobile malware used in a sabotage campaign in the Middle East.[6]
- November 13: Intego blogs about a new variant of the Remote Control System, spyware from the Hacking Team. Targeting Macs, this program is described as an expensive rootkit used by governments during targeted attacks. Nicknamed OSX/Crisis, it can collect audio, pictures, screenshots, and keystrokes, and report everything to a remote server.
- November 21 and 27: McAfee Labs reports that Japanese and Korean Android apps on Google Play steal mobile devices' phone numbers.[7]
- December 6: McAfee Labs explains how Android/Balloonpopper, a game recently revoked from Google Play, can secretly upload stolen conversations and pictures that can be retrieved by anyone who knows the phone number of the victim.[8]
- December 16: McAfee reports that a substantial number of suspicious apps on Google Play can secretly collect Google account IDs.[9] Some of these applications, detected as Android/GaLeaker, have been downloaded between 10,000 and 50,000 times.
- December 16: The Hürriyet Daily News reports that Russian hackers stole ID data of 54 million Turkish citizens.[10]
- December 17: McAfee Labs discovers variants of Reveton (Ransom-FFK!, Ransom-FFM!, Ransom-FFN!, Ransom-FFO!, and Ransom-FFQ!) that come with various flavors of encryption to evade antimalware detections.[11]
- December 17: CVE-2013-5329 on Adobe Flash Version 11.9.900.117 is found integrated in the Angler exploit kit.[12]
- December 19: Target confirms approximately 40 million credit and debit card accounts may have been impacted after unauthorized access to its payment system.[13] Later, Target raised the figure to 70 million.[14]
[5] http://blogs.mcafee.com/mcafee-labs/mcafee-labs-detects-zero-day-exploit-targeting-microsoft-office-2
[6] http://blogs.mcafee.com/consumer/mobile-malware-used-in-sabotage-campaign-by-hackers-in-the-middle-east
[8] http://blogs.mcafee.com/mcafee-labs/androidballoonpopper-sums-up-mobile-threat-landscape-in-2013
[10] http://www.hurriyetdailynews.com/russian-hackers-stole-54-million-turkish-citizens-id-data-claim.aspx