Antivirus Protection & Internet Security Software
04 Aug 2014Virus News
During the last three months Kaspersky Lab has reported on a banking fraud campaign that saw €500,000 stolen from 190 victims in just one week, as well as the first in-the-wild mobile encryptor that is selling for $5,000 on the black market and has already infected 2,000 devices in 13 countries in less than a month. The quarter also saw iOS- and other mobile-based malware modules for a “legal” spy tool, and a MiniDuke APT campaign, re-loaded from early 2013 to target government, energy, military, and telecom sectors and even traffickers of illegal steroids and hormones.
There were changes to the top five sources of web attacks as Germany rose from fourth to first – its share increasing by 12 percentage points. The US (22%) dropped from first to second after its share fell by 6 percentage points. 44% of neutralized web attacks were carried out using malicious web resources located in these two countries. They were followed by the Netherlands (+3 percentage points in Q2), which remained in third place, the Russian Federation (-2.5 percentage points) and Canada (+6.3 percentage points).
Not just Android. Android is now not the only target for mobile malware developers. Cybercriminals have exploited iOS functions, with an attack on Apple ID completely blocking a device. This is followed by demands for a payment to be made to unlock the device. This news exposed the activities of Hacking Team, an Italian company that sells “legal” software called Remote Control System (RCS). Kaspersky Lab published the results of its latest research into the software showing a number of mobile malware modules for Android, iOS, Windows Mobile and BlackBerry that came from HackingTeam. The iOS module allows an attacker to access data on the device, to secretly activate the microphone and to take regular camera shots. This gives complete control over the whole environment in and around a victim’s device.
The first mobile encryptor. In May Kaspersky Lab discovered the first mobile encryptor in the wild. Named Pletor, it locks the phone for "viewing banned porn content", encrypts the smartphone memory card and displays a ransom demand.
Evolution of ransomware. Ransomware technology is actively developing. In early June, Kaspersky Lab detected a new modification of Svpeng aimed primarily at users in the US. The Trojan locks the phone and demands $200 to unlock it.
“The first six months of the year have shown that, as predicted, encryption of user data on smartphones has evolved. Criminals are making money by using methods that have proven effective for PC users. The growing interest in ‘big’ money among those carrying out these attacks is obvious – reflected in a sharp rise (14.5 times) in the number of banking Trojans over the last year. In addition to the financial benefits, the surveillance technology race is showing no let up. HackingTeam mobile modules showed that a mobile device can be used to gain complete control over the whole environment in and around a victim’s device,” commented Alexander Gostev, Chief Security Expert, Global Research and Analysis Team at Kaspersky Lab.
The full report is available at securelist.com
Cyberthreat real-time map
© 1997 – 2016 Kaspersky Lab
All Rights Reserved. Industry-leading Antivirus Software