Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2013
    S M T W T F S
    « Aug   Oct »
    1234567
    891011121314
    15161718192021
    22232425262728
    2930  
  • Email Subscription

  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for September 30th, 2013




    Note:

    Some of the apps discussed in this blog entry were developed with an older adware SDK that did not contain opt-in provisions, particularly regarding the ability to collect information and display ads outside of the original app. The adware SDK has since been updated to this capability to comply with Google’s developer policies; apps that use this newer version are no longer considered high-risk.

    More details about this change can be found in our December 2012 Monthly Mobile Review: The Hidden Risk Behind Mobile Ad Networks.

    With three months to spare before the year ends, our prediction that mobile threats, specifically malware and high-risk apps reaching the 1 million mark has finally come true.

    In our 2Q Security Roundup for the year, we noted that more than 700 thousand malicious and risky apps were found in the wild. This impressive number plus the continuous popularity of the platform among users lead us to predict that 2013 would be the year when Android malware reaches 1 million.

    Figure 1. Growth in malicious/risky Android apps

    Our Mobile App Reputation data indicates that there are now 1 million mobile malware (such as premium service abusers) and high-risk apps (apps that aggressively serve ads that lead to dubious sites). Among the 1 million questionable apps we found, 75% perform outright malicious routines, while 25% exhibits dubious routines, which include adware.

    Premium Service Abusers, Adware Among Top Mobile Threats

    Malware families such as FAKEINST (34%) and OPFAKE (30%) were the top mobile malware. FAKEINST malware are typically disguised as legitimate apps. They are also premium service abusers, which sends unauthorized text messages to certain numbers and register users to costly services. One high-profile incident involving FAKEINST is the fake Bad Piggies versions, which we found right after the game’s release.

    Figure 1. Top Mobile Malware Family

    Figure 2. Top Mobile Malware Family

    The OPFAKE malware is similar to FAKEINST, particularly in mimicking legitimate apps. However, a variant (ANDROIDOS_OPFAKE.CTD) showed a different side of the malware, as it was found to open an .HTML file that asks users to download a possibly malicious file. Aside from sending messages to certain numbers and registering users to costly services, premium service abusers pose other risks to users. Our recent infographic shows the other dangers of installing this type of mobile malware.

    On the high-risk apps front, ARPUSH and LEADBLT lead the pack, gathering 33% and 27% of the total number, respectively. Both are known adware and infostealers, collecting device-related data such as OS information, GPS location, IMEI etc.

    Figure 2. Top High-risk Apps Family

    Figure 3. Top High-risk Apps Family

    The threat to mobile devices, however, is not limited rogue versions of popular apps and adware. Threat actors are also pouncing on mobile users’ banking transactions, with the likes of FAKEBANK and FAKETOKEN malware threatening users. Details about these malware can be found in our recent report A Look At Mobile Banking Threats.

    To keep your devices safe, it is important to treat your devices like your PC counterparts specially when it comes to security. Be wary of downloading apps and make sure to read the comments section and developer details. Trend Micro protects users from mobile malware and high-risk apps via Trend Micro Mobile Security App. Our Mobile Threat Hub also provides helpful information about mobile threats  and security tips for your smartphones, tablets and other gadgets.

    With analysis from Trend Micro Mobile Response Team

     


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice