Threats Timeline Tracks Recent Security Breaches

As a supplement to the latest McAfee Labs Threats Report, published this week, we offer this timeline of leading threats that made news in the fourth quarter of 2013.

2013-Q4 Threats Timeline graph


  • October 3: Adobe reports personal information relating to customer orders has been accessed in an attack on the company’s systems.[1] The total amounts to 152 million records, including names, customer IDs, encrypted passwords, encrypted debit or credit card numbers with expiration dates, and source code, according to DataLossDB.[2]
  • October 7: McAfee Labs announces criminal activities around the Quarian backdoor, which targets government agencies and embassies around the world, including in the United States.[3]
  • October 18: McAfee Labs researchers discover a targeted attack using a technique that ensures the malware can run only on the targeted computer by using its IP address as a decryption key.[4]
  • October 31: McAfee Labs discovers a suspicious sample targeting a Microsoft Office vulnerability.[5] McAfee Labs confirms this is a zero-day attack and immediately shares its findings with the Microsoft Security Response Center, which on November 5 sends its warning about a previously unknown security vulnerability in a Microsoft graphics component. The attack, which exploits CVE-2013-3906, downloads an executable, a RAR SFX containing another executable and a fake Word document. (For details, see page 6 of the McAfee Labs Threats Report.)
  • November 5: Android/HackDrive: McAfee sends an alert on mobile malware used in a sabotage campaign in the Middle East.[6]
  • November 13: Intego blogs about a new variant of the Remote Control System, spyware from the Hacking Team. Targeting Macs, this program is described as an expensive rootkit used by governments during targeted attacks. Nicknamed OSX/Crisis, it can collect audio, pictures, screenshots, and keystrokes, and report everything to a remote server.
  • November 21 and 27: McAfee Labs reports that Japanese and Korean Android apps on Google Play steal mobile devices' phone numbers.[7]
  • December 6: McAfee Labs explains how Android/Balloonpopper, a game recently revoked from Google Play, can secretly upload stolen conversations and pictures that can be retrieved by anyone who knows the phone number of the victim.[8]
  • December 16: McAfee reports that a substantial number of suspicious apps on Google Play can secretly collect Google account IDs.[9] Some of these applications, detected as Android/GaLeaker, have been downloaded between 10,000 and 50,000 times.
  • December 16: The Hürriyet Daily News reports that Russian hackers stole ID data of 54 million Turkish citizens.[10]
  • December 17: McAfee Labs discovers variants of Reveton (Ransom-FFK!, Ransom-FFM!, Ransom-FFN!, Ransom-FFO!, and Ransom-FFQ!) that come with various flavors of encryption to evade antimalware detections.[11]
  • December 17: CVE-2013-5329 on Adobe Flash Version 11.9.900.117 is found integrated in the Angler exploit kit.[12]
  • December 19: Target confirms approximately 40 million credit and debit card accounts may have been impacted after unauthorized access to its payment system.[13] Later, Target raised the figure to 70 million.[14]



The post Threats Timeline Tracks Recent Security Breaches appeared first on McAfee.