McAfee Labs Third Quarter Threat Report – Part 2
McAfee Labs researchers have released the third quarter threat report that highlights cyber threats and details common and new malware that has emerged during the third quarter. Part one of the report can be read here.
Signed Malware
In general, enterprises incorporate malware detection rules in their firewalls that detect when a binary is digitally “signed.” Binaries that are signed using a certificate from a known Certificate Authority (CA) are thought to be valid.
However, cybercriminals have found ways to sign their malicious payloads using either stolen certificates or certificates from rogue CA vendors. McAfee Labs reported that the percentage of digitally signed malware increased from 1.3% in 2010 to 5.3% in 2013. This means that there are more than 5 million digitally signed malware samples. This threat is more evident for mobile devices, with the percentage of signed malware increasing from less than 10% to nearly 25% in the last three years.
Virtual Currencies
The third quarter saw the rise of virtual currencies whose value is not tied to traditional currencies, such as dollars, euros, and yen. Estimates of the virtual currencies market grew to $47.5 billion. Virtual currencies allow users to buy and sell goods and online services without the constraints enforced by credit cards and/or electronic fund transfers. Furthermore, virtual currency transactions can be done anonymously.
This anonymity feature has attracted cybercriminals as it enables them to offer unlawful goods and services in transactions that fall under the radar of law enforcement.
Virtual currencies allow cybercriminals to offer illegal products such as drugs, weapons, and other goods online.
Virtual currencies have led to the development of several “Deep Web” marketplace sites that serve as a hub for illegal product distribution. One of the largest Deep Web marketplace sites, Silk Road, was shut down by law enforcement officials in October. Silk Road had over 200 categories, which included drugs, ATM hacking, and illegal weapons. Silk Road operated as a Tor hidden service, which allowed users to browse anonymously.
Even though the shutdown of Silk Road was a huge victory for law enforcement, plenty of other similar Deep Web marketplaces exist and are operating globally.