McAfee Retracts its 'Koobface' Malware Count and Provides Correction

By Peter Bernstein June 10, 2013

It is a fact of life that we all make mistakes. The challenge in the Internet era is that when we make them that can go viral. Hopefully the corrections do as well, although this tends to be problematic. While I have made more than my fair share of miscues, and happen to believe that possibly the best way we learn is from our mistakes, McAfee made a faux pas last week that it is trying to address, and this is one that needs to go in the collective memory bank.

Last week there was a very popular posting about McAfee’s release of its McAfee Threats Report for Q1 2013. As all of us who wrote about this important report noted, it found amongst a variety of things a surge in spam, Koobface and MBR attacks. The problem is that since publication of the report it turns out the Koobface information was not just inaccurate, but off by more than a smidgeon.

This has prompted McAfee Labs, in the form of Craig Schmuger’s blog, to post a retraction.   In fairness to McAfee, the entire post reproduced below for purposes of clarification.

The McAfee Threats Report for the first quarter of 2013 highlighted a noteworthy increase in the number of Koobface malware samples on record. This data point is based on the number of unique malicious files associated with the Koobface family, and is generally one indicator of active malware development. Besides the number of changes made to a malware’s code base, sample counts can also be influenced by repacking of the same underlying code (a common evasion tactic used by malware distributors), garbage data or junk instructions added to binaries, and other forms of server or client polymorphisms (such as self-modifying code or web server scripts that result in a unique binary being served with each download). Another complication arises from what is often called a cocktail, in which a parasitic virus inhabits a host file that is itself another piece of malware.

These factors led to our Koobface statistics being off by a large margin. The corrected data below shows Koobface on a continuing decline since Facebook published its landmark post “Facebook’s Continued Fight Against Koobface” nearly a year and a half ago.




Edited by Ashley Caputo
SHARE THIS ARTICLE
Related Articles

Modern Moms Shaping Influence

By: Maurice Nagle    7/19/2018

Everyone knows Mom knows best. The internet is enabling a new era in sharing, and sparking a more enlightened, communal shopping experience. Mommy blo…

Read More

Why People Don't Update Their Computers

By: Special Guest    7/13/2018

When the WannaCry ransomware attacked companies all over the world in 2017, experts soon realized it was meant to be stopped by regular updating. Even…

Read More

More Intelligence About The New Intelligence

By: Rich Tehrani    7/9/2018

TMC recently announced the launch of three new artificial intelligence events under the banner of The New Intelligence. I recently spoke with TMC's Ex…

Read More

Technology, Innovation, and Compliance: How Businesses Approach the Digital Age

By: Special Guest    6/29/2018

Organizations must align internally to achieve effective innovation. Companies should consider creating cross-functional teams or, at a minimum, incre…

Read More

Contribute Your Brain Power to The New Intelligence

By: Paula Bernier    6/28/2018

The three events that are part of The New Intelligence are all about how businesses and service providers, and their customers, can benefit from artif…

Read More