Story image

Mobile malware at an all-time high

25 Feb 2016

In 2015 the volume of new mobile malware tripled, and as it continues to proliferate it's also becoming more complex and targeted, according to Kaspersky Lab.

The number Kaspersky Lab mobile products users attacked by ransomware increased from 1.1% to 3.8% between 2014 and 2015, according to the company, and overall, 884,774 new malicious programmes were detected, a three-fold increase on 2014 (295, 539).

On top of this, the number of new mobile banking Trojans decreased to 7,030 from 16,586 in 2014, and 94,344 unique users were attacked by mobile ransomware, a five-fold increase on 2014 (18,478).

Attacks were registered in 156 counties, and the Small.o was the most widespread of all mobile ransomware detected by the company last year.

The fact that the number of ransomware app modifications has increased by 3.5 times is proof that fraudsters are seeing ever more advantage in earning money from users via blackmail, Kaspersky Lab says.

This year is likely to see an increase in the complexity of the malware and its modifications, with more geographies targeted, according to the company.

Malware with super-user access rights - another threatening development

Nearly half of the top 20 Trojans in 2015 were malicious programmes displaying intrusive advertising on mobile devices. The most widespread last year were the Fadeb, Leech, Rootnik, Gorpro and Ztorg Trojans, Kaspersky says.

Fraudsters used every available method to propagate these Trojans, such as malicious web-banners, fake games and other apps published in official applications stores. In some cases they were positioned as legitimate software pre-installed by the device vendor.

Some of these apps have the ability to gain super-user access rights or root access, and such rights give attackers an almost unlimited ability to modify information stored on an attacked device, Kaspersky says.

If the installation is successful the malware becomes almost impossible to delete, even after a reboot to factory settings. Mobile malware with the ability to gain root access has been known about since 2011, and last year it was extremely popular among cyber-criminals. This is likely to continue in 2016, Kaspersky says.

Take care of your money - mobile banking malware

Banking Trojans are becoming more and more complex, despite a decrease in the number of modifications, Kaspersky finds. The mechanics of these malicious apps is the same as before: after getting into a clients' system/device, the malware overlays a bank’s legitimate pages or online payment apps with fake ones.

However, the scale on which such malware could be utilised grew significantly in 2015. Now cyber-criminals can attack clients of dozens of banks located in different countries using only one type of malware, while previously they would have used malicious apps that could only attack one or two financial services organisations in just a few countries.

An example of a malicious application with multiple targets is the Acecard Trojan, which has tools for attacks against users of several dozen banks and web-services.

Roman Unuchek Kaspersky Lab USA senior malware analyst, says, “As mobile devices become more and more functional, cybercriminals have become more and more sophisticated at attacks that attempt to steal money from users. Last year was the year of banking Trojans and ransomware. Adware was widely used to infect devices with more sophisticated malicious programmes.

“We also witnessed growing interest in malware that can gain super-user access on users’ devices. To stay safe do not neglect reliable mobile anti-virus solutions, bear in mind that prevention of the threat is better than suffering losses after the infection.”

Who's watching you? 
With privacy an increasing concern amongst the public, users should be more aware than ever of what personal data companies hold.
Fake apps on Google Play scamming users out of cryptocurrency
Fake cryptocurrency apps on Google Play have been discovered to be phishing and scamming users out of cryptocurrency, according to a new report from ESET.
Managing data to comply with privacy regulations - Micro Focus
It’s crucial for organisations to be able to access, understand, and accurately classify the data they have so they know how to treat it.
Hackbusters! Reviewing 90 days of cybersecurity incident response cases
While there are occasionally very advanced new threats, these are massively outnumbered by common-or-garden email fraud, ransomware attacks and well-worn old exploits.
SEGA turns to Palo Alto Networks for cybersecurity protection
When one of the world’s largest video game pioneers wanted to strengthen its IT defences against cyber threats, it started with firewalls and real-time threat intelligence from Palo Alto Networks.
Forrester names Trend Micro Leader in email security
TrendMicro earned the highest score for technology leadership, deployment options and cloud integration.
LogRhythm releases cloud-based SIEM solution
LogRhythm Cloud provides the same feature set and user experience as its on-prem experience.
The impact of bringing biometrics to the door
"Despite the benefits of biometrics, there have been impediments to its broader enterprise adoption."