Malware up, hackers bypass security safeguards: survey

WASHINGTON - Malicious software is on the rise both on computers and mobile devices, fueled in part by hackers' ability to bypass a key security measure, researchers said Wednesday.

McAfee Labs said in its third quarter survey that it is seeing a rise in malware which circumvents the so-called digital signature validation meant to ensure software can be trusted.

McAfee said it saw a 30 per cent jump in the quarter of mobile malware that allows an attacker to bypass the digital signature validation of apps on Android devices, along with a 50 per cent increase in traditional malware signed with digital signatures.

"The efforts to bypass code validation on mobile devices, and commandeer it altogether on PCs, both represent attempts to circumvent trust mechanisms upon which our digital ecosystems rely," said Vincent Weafer, senior vice president of McAfee Labs.

"The industry must work harder to ensure the integrity of these technologies given they are becoming more pervasive in every aspect of our daily lives."

McAfee's quarterly report on threats in cyberspace also cited a rise in the use of Bitcoin for illicit activities such as the purchase of drugs, weapons, and other illegal goods on websites such as Silk Road.

"As these currencies become further integrated into our global financial system, their stability and safety will require both financial monetary controls and oversight, and the security measures our industry provide," he said.

McAfee also saw cybercriminals develop Bitcoin-mining malware to infect systems, and produce Bitcoins for commercial transactions.

Bitcoins allow the creation of new currency through a process known as mining, according to McAfee. While initially people used their own computing resources for mining, certain kinds of malware allow attackers to employ infected computers to produce Bitcoins, often without their knowledge.