McAfee Retracts its 'Koobface' Malware Count and Provides Correction

By

It is a fact of life that we all make mistakes. The challenge in the Internet era is that when we make them that can go viral. Hopefully the corrections do as well, although this tends to be problematic. While I have made more than my fair share of miscues, and happen to believe that possibly the best way we learn is from our mistakes, McAfee made a faux pas last week that it is trying to address, and this is one that needs to go in the collective memory bank.

Last week there was a very popular posting about McAfee’s release of its McAfee Threats Report for Q1 2013. As all of us who wrote about this important report noted, it found amongst a variety of things a surge in spam, Koobface and MBR attacks. The problem is that since publication of the report it turns out the Koobface information was not just inaccurate, but off by more than a smidgeon.

This has prompted McAfee Labs, in the form of Craig Schmuger’s blog, to post a retraction.   In fairness to McAfee, the entire post reproduced below for purposes of clarification.

The McAfee Threats Report for the first quarter of 2013 highlighted a noteworthy increase in the number of Koobface malware samples on record. This data point is based on the number of unique malicious files associated with the Koobface family, and is generally one indicator of active malware development. Besides the number of changes made to a malware’s code base, sample counts can also be influenced by repacking of the same underlying code (a common evasion tactic used by malware distributors), garbage data or junk instructions added to binaries, and other forms of server or client polymorphisms (such as self-modifying code or web server scripts that result in a unique binary being served with each download). Another complication arises from what is often called a cocktail, in which a parasitic virus inhabits a host file that is itself another piece of malware.

These factors led to our Koobface statistics being off by a large margin. The corrected data below shows Koobface on a continuing decline since Facebook published its landmark post “Facebook’s Continued Fight Against Koobface” nearly a year and a half ago.




Edited by Ashley Caputo
Get stories like this delivered straight to your inbox. [Free eNews Subscription]
SHARE THIS ARTICLE
Related Articles

Can Science Outsmart Deepfake Deceivers? Klick Labs Proposes an Emerging Solution

By: Alex Passett    3/25/2024

Researchers at Klick Labs were able to identify audio deepfakes from authentic audio recordings via new vocal biomarker technology (alongside AI model…

Read More

Top 5 Best Ways to Integrate Technology for Successful Project-Based Learning

By: Contributing Writer    3/19/2024

Project-based learning, also popularly known as the PBL curriculum, emphasizes using and integrating technology with classroom teaching. This approach…

Read More

How to Protect Your Website From LDAP Injection Attacks

By: Contributing Writer    3/12/2024

Prevent LDAP injection attacks with regular testing, limiting access privileges, sanitizing user input, and applying the proper encoding functions.

Read More

Azure Cost Optimization: 5 Things You Can Do to Save on Azure

By: Contributing Writer    3/7/2024

Azure cost optimization is the process of managing and reducing the overall cost of using Azure. It involves understanding the resources you're using,…

Read More

Massive Meta Apps and Services Outage Impacts Users Worldwide

By: Alex Passett    3/5/2024

Meta's suite of apps and services are experiencing major global outages on Super Tuesday 2024.

Read More