One of the criticisms often leveled at information security vendors is that occasionally marketing hyperbole can creep into their analysis of the threat landscape. Well, one thing’s for sure looking at the latest hard figures on mobile malware – no exaggeration is needed to prove a point. In the newly released Q1 security roundup report, Cybercrime Hits the Unexpected, the number of mobile malware and high risk apps topped a staggering two million for the first time during the past quarter.
Just to give you an idea of how that figure has rocketed in recent months; although the first proof-of-concept mobile malware was discovered a decade ago, mobile malware hit one million just six months back. This incredible acceleration in the volume of malware – by 647,000 newly discovered pieces last quarter alone – has been made possible by a few things.
Toolkits on the rise
First up, the increasing availability of malware toolkits such as DENDROID. These kits effectively democratize the means to launch attacks – so that they’re no longer the preserve of mobile malware experts. DENROID, discovered in Q1, effectively allows cyber criminals to “Trojanize” legitimate applications for as little as $300. This not only helps them to evade detection by Android devices’ security features, but also increases the chances of them being downloaded by unsuspecting members of the public.
Other examples found in Q1 include a Trojanized version of the hugely popular mobile game Flappy Bird, which spread through third party app stores like wildfire.
From PC to mobile
Cyber criminals are also ramping up the sophistication of attacks, for example, using anonymity tool Tor to hide command and control servers and thus evade detection. Another example can be seen in how mobile malware attacks are mimicking what is happening in the fixed PC world. Thus, cyber criminals are looking to exploit vulnerabilities in the Android platform to steal personal data and infect devices. In March, Trend Micro discovered a bug which could put at least 10,000 apps at risk from hemorrhaging data by bypassing device permissions.
Interestingly, premium service abusers – the top form of Android malware in 2013 – were supplanted by adware on the Q1 threat list, which accounted for 47 percent of all malware. The reason? Major carriers recently dropped premium-text-service-billing rates in a bid to discourage cyber villains from exploiting their services. This led to many seeking more profitable endeavors, like adware.
Cyber criminals will always follow the money and if we can take any positives from Q1 it’s that hitting them where it hurts – in the wallet – can always be effective.
Please add your thoughts in the comments below or follow us on Twitter; @TrendMicro.