Record levels of spam, malware and Web-based threats

The number of new file-sharing sites hosting unauthorized, copyrighted content skyrocketed over the last three months, according to McAfee’s latest report. It also shows that spam, malware and Web-based threat creation has reached record levels in the last quarter, and that cybercriminals are extorting site-owners with threats of DDoS attacks.

Piracy undeterred by Pirate Bay shutdown

Cybercriminals are taking advantage of a 300 percent jump in the creation of file-sharing sites that occurred while The Pirate Bay was prosecuted in Sweden. As users develop more sites to share content, malware writers are creating sites to trick users looking to download copyrighted material into downloading malicious programs. McAfee predicts the number of these malicious sites will increase during the fall and holiday blockbuster film seasons.

Many of these sites sprang up to scam users of The Pirate Bay who were looking for a new place to download copyrighted material. Users began creating their own sites to support The Pirate Bay community when the site was in the process of being shut down. When the site was back up after only 24 hours, the new torrent sites disappeared quickly.

Spam, malware and Web threats at an all-time high

Spam and malware levels have reached an all-time high, with threats surpassing previous records in the last quarter. Web-based attacks have also increased as cybercriminals take advantage of celebrity deaths and natural disasters.

Spam reached its highest level in history, breaking the previous record set in the second quarter of 2009 by 10 percent. Spam now comprises 92 percent of all e-mail. When compared with the third quarter of 2008, spam jumped 24 percent.

Web-based attacks are the newest hot threat vector, and have become one of the most dangerous tools cybercriminals utilize. These attacks can target anyone who visits a malicious Web page, and are delivered to users through spam, phishing, social networks and even through redirects from hijacked legitimate Web sites.

Fifty-five percent of all malicious URLs are hosted in the US, and cybercriminals are getting increasingly effective at utilizing SEO techniques to drive traffic to these bad sites. Malware authors take advantage of news stories like the death of celebrities and natural disasters to hide their malicious intentions.

DDoS for sale

In the last quarter, McAfee Labs observed many new denial-of-service attacks, including some that demand ransom. Four Australian sports betting companies were taken down during key events like the football and rugby finals, resulting in millions of dollars of losses.

DDoS as a service is growing in popularity, with many cybercriminals offering botnets comprised of thousands of zombie computers to attack sites for the highest bidder. These botnets are capable of knocking even some of the most-protected sites offline. Cybercriminals will even offer a “demo” performance for a few minutes to prospective buyers.

The McAfee Labs Third Quarter Threats Report is available in PDF format here.