McAfee Retracts its 'Koobface' Malware Count and Provides Correction

By

It is a fact of life that we all make mistakes. The challenge in the Internet era is that when we make them that can go viral. Hopefully the corrections do as well, although this tends to be problematic. While I have made more than my fair share of miscues, and happen to believe that possibly the best way we learn is from our mistakes, McAfee made a faux pas last week that it is trying to address, and this is one that needs to go in the collective memory bank.

Last week there was a very popular posting about McAfee’s release of its McAfee Threats Report for Q1 2013. As all of us who wrote about this important report noted, it found amongst a variety of things a surge in spam, Koobface and MBR attacks. The problem is that since publication of the report it turns out the Koobface information was not just inaccurate, but off by more than a smidgeon.

This has prompted McAfee Labs, in the form of Craig Schmuger’s blog, to post a retraction.   In fairness to McAfee, the entire post reproduced below for purposes of clarification.

The McAfee Threats Report for the first quarter of 2013 highlighted a noteworthy increase in the number of Koobface malware samples on record. This data point is based on the number of unique malicious files associated with the Koobface family, and is generally one indicator of active malware development. Besides the number of changes made to a malware’s code base, sample counts can also be influenced by repacking of the same underlying code (a common evasion tactic used by malware distributors), garbage data or junk instructions added to binaries, and other forms of server or client polymorphisms (such as self-modifying code or web server scripts that result in a unique binary being served with each download). Another complication arises from what is often called a cocktail, in which a parasitic virus inhabits a host file that is itself another piece of malware.

These factors led to our Koobface statistics being off by a large margin. The corrected data below shows Koobface on a continuing decline since Facebook published its landmark post “Facebook’s Continued Fight Against Koobface” nearly a year and a half ago.




Edited by Ashley Caputo
SHARE THIS ARTICLE
Related Articles

Coding and Invention Made Fun

By: Special Guest    10/12/2018

SAM is a series of kits that integrates hardware and software with the Internet. Combining wireless building blocks composed of sensors and actors con…

Read More

Facebook Marketplace Now Leverages AI

By: Paula Bernier    10/3/2018

Artificial intelligence is changing the way businesses interact with customers. Facebook's announcement this week is just another example of how this …

Read More

Oct. 17 Webinar to Address Apache Spark Benefits, Tools

By: Paula Bernier    10/2/2018

In the upcoming webinar "Apache Spark: The New Enterprise Backbone for ETL, Batch and Real-time Streaming," industry experts will offer details on clo…

Read More

It's Black and White: Cybercriminals Are Spending 10x More Than Enterprises to Control, Disrupt and Steal

By: Cynthia S. Artin    9/26/2018

In a stunning new report by Carbon Black, "Hacking, Escalating Attacks and The Role of Threat Hunting" the company revealed that 92% of UK companies s…

Read More

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More