McAfee Labs said the scenarios suggest hackers will attempt to leverage GPUs for their raw processing power, using them to evade traditional malware defences by running code and storing data where those defences do not normally look.
Reviewing the PoC, Intel Security agrees that moving portions of malicious code off the CPU and host memory reduces the detection surface for host-based defences. However, researchers argue that, at a minimum, trace elements of malicious activity remain in memory or CPUs, allowing endpoint security products to detect and remediate threats.
The report also detailed techniques cyber-criminals use to exfiltrate a wide variety of information on individuals from corporate networks, such as names, dates of birth, addresses, phone numbers, social security numbers, credit and debit card numbers, health care information, account credentials, and even sexual preferences.
In addition to tactics and techniques used by attackers, the analysis examined attacker types, motivations and likely targets, as well as policies businesses should embrace to better detect exfiltration.
The August 2015 report also identified a number of other developments in the second quarter of 2015:
- Ransomware: Ransomware continues to grow very rapidly, with the number of new ransomware samples rising 58 percent in Q2. The total number of ransomware samples grew 127 percent from Q2 2014 to Q2 2015. Intel Security attributed the increase to fast-growing new families such as CTB-Locker, CryptoWall, and others.
- Mobile slump: The total number of mobile malware samples grew 17 percent in Q2, but mobile malware infection rates declined about 1 percent per region this quarter. Exceptions were North America, which dropped almost 4 percent, and Africa, which remained unchanged.
- Spam botnets: The trend of decreasing botnet-generated spam volume continued through Q2, as the Kelihos botnet remained inactive. Slenfbot again claims the top rank, followed closely by Gamut, with Cutwail rounding out the top three.
- Suspect URLs: The company said that every hour in Q2, more than 6.7 million attempts were made to entice its customers into connecting to risky URLs via emails, browser searches and other methods.
- Infected files: The research also found that every hour in Q2 more than 19.2 million infected files were exposed to McAfee customers’ networks.