July has seen a significant increase in aggressive polymorphic malware.
According to Symantec's Intelligence Report for July, there was a rise of 23.7 per cent in intercepted email-borne malware, a figure that is more than double that of six months ago. It said that this indicates a much more aggressive strategy on the part of the cyber criminals.
Symantec found that the malware is frequently contained in an executable inside an attached ZIP archive, often disguised as a PDF file or an Office document.
Paul Wood, senior intelligence analyst at Symantec.cloud, said that the number of malware variants had grown by a factor of 25 compared with six months ago, and he called this 'a disturbing proliferation in such a short time'.
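As an added illustration (not part of Symantec's report or the original article), a mail gateway or analyst could check a ZIP attachment for the disguise described above by comparing each member's name with its leading bytes. The extension lists and function names are assumptions, and the sample archive is constructed from harmless placeholder bytes.

```python
import io
import zipfile

# Assumed extension lists; tune them for your own mail policy.
DOC_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".ppt", ".pptx"}
EXEC_EXTS = {".exe", ".scr", ".com", ".pif"}


def extensions(name):
    """Lowercased extensions of a member name, padding spaces stripped."""
    base = name.rsplit("/", 1)[-1].lower()
    return ["." + part.strip() for part in base.split(".")[1:]]


def scan_zip_attachment(data):
    """Return (member, reason) findings for a ZIP attachment given as bytes."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            exts = extensions(info.filename)
            last = exts[-1] if exts else ""
            is_pe = False
            if not info.flag_bits & 0x1:  # encrypted members: judge by name only
                with zf.open(info) as fh:
                    is_pe = fh.read(2) == b"MZ"  # DOS/PE header magic
            if is_pe and last in DOC_EXTS:
                findings.append((info.filename, "PE content, document extension"))
            elif last in EXEC_EXTS and any(e in DOC_EXTS for e in exts[:-1]):
                findings.append((info.filename, "document name, executable extension"))
            elif is_pe or last in EXEC_EXTS:
                findings.append((info.filename, "executable in archive"))
    return findings


def build_sample():
    """Constructed sample archive made of harmless placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("report.pdf", b"%PDF-1.4\n")
        zf.writestr("invoice.pdf   .exe", b"MZ" + b"\x00" * 16)
        zf.writestr("statement.doc", b"MZ" + b"\x00" * 16)
        zf.writestr("setup.exe", b"MZ" + b"\x00" * 16)
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in scan_zip_attachment(build_sample()):
        print(f"{member}: {reason}")
```

Because polymorphic variants change their bytes from sample to sample, this check keys on the container and naming pattern rather than on a content signature.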
He said: “This new aggressive approach to distributing generic polymorphic malware on such a scale should be concerning for many businesses, particularly for those who rely solely on more traditional security countermeasures, which this type of malware is designed to evade.
“One example of this technique involves changing the start-up code in almost every version of the malware; subtly changing the structure of the code and making it harder for emulators built into many anti-virus products to identify the code as malicious.
“Two key areas in which we can see this trend are, firstly, the increase in phishing against wireless application protocol (WAP) pages; and secondly, the use of compromised domain names that have been registered for mobile devices, for example, using the .mobi top-level domain.”
Also in July, the UK became the most targeted country for phishing emails, with one in 127.9 emails identified as phishing. Symantec also identified that an average of 6,797 websites were harbouring malware and other potentially unwanted programs including spyware and adware; an increase of 25.5 per cent since June 2011.