It is a fact of life that we all make mistakes. The challenge in the Internet era is that when we make them that can go viral. Hopefully the corrections do as well, although this tends to be problematic. While I have made more than my fair share of miscues, and happen to believe that possibly the best way we learn is from our mistakes, McAfee (News - Alert) made a faux pas last week that it is trying to address, and this is one that needs to go in the collective memory bank.
Last week there was a very popular posting about McAfee’s release of its McAfee Threats Report for Q1 2013. As all of us who wrote about this important report noted, it found amongst a variety of things a surge in spam, Koobface and MBR attacks. The problem is that since publication of the report it turns out the Koobface information was not just inaccurate, but off by more than a smidgeon.
This has prompted McAfee Labs, in the form of Craig Schmuger’s blog, to post a retraction. In fairness to McAfee, the entire post reproduced below for purposes of clarification.
The McAfee Threats Report for the first quarter of 2013 highlighted a noteworthy increase in the number of Koobface malware samples on record. This data point is based on the number of unique malicious files associated with the Koobface family, and is generally one indicator of active malware development. Besides the number of changes made to a malware’s code base, sample counts can also be influenced by repacking of the same underlying code (a common evasion tactic used by malware distributors), garbage data or junk instructions added to binaries, and other forms of server or client polymorphisms (such as self-modifying code or web server scripts that result in a unique binary being served with each download). Another complication arises from what is often called a cocktail, in which a parasitic virus inhabits a host file that is itself another piece of malware.
These factors led to our Koobface statistics being off by a large margin. The corrected data below shows Koobface on a continuing decline since Facebook (News - Alert) published its landmark post “Facebook’s Continued Fight Against Koobface” nearly a year and a half ago.