This growth was largely attributed to misuse of automated Content Distribution Networks (CDNs) that wrap malicious code within digitally signed installers.
Vincent Weafer, Senior Vice President, McAfee Labs, said point-of-sale (POS) attacks and data breaches in the fall of 2013 were carried out by the “dark web” malware industry.
“The ‘off the shelf’ genesis of some of these crime campaigns, the scale of operations, and the ease of digitally monetising stolen customer data all represent a coming of age for both Cybercrime-as-a-Service and the ‘dark web’ overall,” he said.
Weafer characterises the fourth quarter of 2013 as a period when cyber crime became a reality for more people than ever before.
He adds that cyber thefts often catch people off guard, as they were pre-occupied with their holiday shopping.
“The impact of these attacks will be felt both at the kitchen table as well as the boardroom table,” Weafer said.
Digital theft
Beyond the growth of malware, the report highlighted the ease of stolen credit card numbers and other personal consumer data being sold online.
Weafer said the malware used in these incidents were simple in design and likely purchased “off the shelf” from the Cybercrime-as-a-Service community before further customisation took place.
“Thieves offering for sale some of the 40 million credit card numbers reported stolen in batches of between one and four million at a time,” he said.
As for ransomware, the report found samples doubled in number from Q4 2012 to Q4 2013 by one million new samples.