{"id":2760,"date":"2014-10-28T15:20:37","date_gmt":"2014-10-28T15:20:37","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=2760"},"modified":"2019-11-15T07:11:09","modified_gmt":"2019-11-15T12:11:09","slug":"the-ups-and-downs-of-mobile-threats","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/the-ups-and-downs-of-mobile-threats\/2760\/","title":{"rendered":"The ups and downs of mobile threats"},"content":{"rendered":"

According to the results of the \u201cMobile cyber-threats\u201d<\/a> survey carried out by Kaspersky Lab and INTERPOL between August 2013 and July 2014, every fifth Android-based device protected by Kaspersky Lab security solutions was attacked by malware at least once during the reporting period. In 60% of the registered attacks the malware used had a \u201cfinancial\u201d nature \u2013 i.e. its purpose was to steal users\u2019 money.<\/p>\n

The ups and downs of mobile threats #security<\/p>Tweet<\/a><\/blockquote>\n

Well, this would be just yet another unexciting cyberwar example, reiterating something quite well-known already \u2013 the \u201cutter unsafety\u201d of Android as the most targeted mobile operating system.<\/p>\n

There are, however, several twists in this case.<\/p>\n

According to the survey, a total of 1,000,000 Android device users around the world encountered dangerous software between August 2013 and July 2014. This represents about one fifth of all Kaspersky Lab mobile product users. More than 588,000 Android users worldwide faced financial malware (Trojan-SMS and Trojan-Banker, with Trojan-SMS accounting for 57% of attacks) during the reporting period \u2013 i.e. almost 60% of those users.<\/p>\n

Therefore, today\u2019s malware writers are mostly engaged in earning money. But let\u2019s look at the graph below:<\/p>\n

\"graph\"<\/a><\/p>\n

The huge spike, then the sharp drop. The spike detected between February and April, 2014 is mostly attributed to an influx of Trojan-SMS family. These accounted for 57.08% of all detections made by Kaspersky Lab security solutions for Android-based devices. Aside from the number of attacks, the \u201cdiversity of species\u201d among this sort of malware sky-rocketed as well: our experts found the number of mobile malware modifications grew sharply \u2013 from 423 in August 2013 to 5,967 in July 2014, a 14-fold increase.<\/p>\n

Modifications aren\u2019t exactly new malware, they\u2019re just altered versions of the existent malicious programs. \u201cA Trojan-SMS needs to infect dozens or even hundreds of devices to show a worthwhile profit\u201d, said Roman Unuchek, senior virus analyst at Kaspersky Lab. So malware writers create modifications of their programs, creating \u201cslightly\u201d different variants, expecting to spread them out as far and wide as possible. Hence the reason why Trojan-SMS malware is encountered more often.<\/p>\n

The abundance of the Trojan-SMS malware in the global statistics is also the reason for the sharp drop in the numbers of attacks detected after April 2014.<\/p>\n

Malware authors feed on loopholes and flaws. #security<\/p>Tweet<\/a><\/blockquote>\n

Actually, Trojan-SMS malware has mostly been (over 50% of cases) attacking Android users in Russia, that until quite recently was a very lucrative medium for them. Then \u201call of sudden\u201d the rules of the game changed: new regulations required all Russian operators to send a confirmation message from any subscriber who is trying to pay for services via SMS. This effectively meant that sending out the SMS to paid numbers without a user\u2019s knowledge and consent wasn\u2019t as easy as before. And thus seeding around the older-type Trojan-SMS malware became much less lucrative than before.<\/p>\n

However, in July the number of attacks started climbing again: criminals were apparently trying to fight back. The drop mentioned above shows that removing the \u201cnutritive medium\u201d \u2013 by whatever means \u2013 can be very effective. In this case, the \u201clegislation patch\u201d requiring a confirmation message from a subscriber every time, helped to remove \u2013 even if temporarily \u2013 the \u201charvesting\u201d of money using the most common mobile Trojans.<\/p>\n

Malware authors feed on the weaknesses, loopholes and flaws of the systems they do their \u201cbusiness\u201d in \u2013 for as long as they have a way to do it. Once it is no longer available, the party stops \u2013 at least, until they find yet another loophole.<\/p>\n

And if we speak of threats that vulnerable personal smart devices and mobile malware may pose for corporate networks in companies with BYOD adopted, the risks are decreased dramatically if the most apparent loopholes are plugged \u2013 a centralized antimalware solution is installed on all of the employees\u2019 devices, MDM tools are in place and working, the company\u2019s electronic payments are protected. This would diminish the possibility for attack, based on the most \u201ccommon\u201d mobile threats.<\/p>\n

The full version of the joint survey of mobile threats by Kaspersky Lab and Interpol is available here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Every fifth Android-based device protected by Kaspersky Lab security solutions was attacked by malware at least once in 2013-2014. In 60% of the registered attacks the malware used had a “financial” nature. While there’s seemingly nothing unexpected a certain twist is present…<\/p>\n","protected":false},"author":209,"featured_media":15856,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[105,2209,1474],"class_list":{"0":"post-2760","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-android","10":"tag-mobile-threats","11":"tag-sms-trojans"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/the-ups-and-downs-of-mobile-threats\/2760\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/the-ups-and-downs-of-mobile-threats\/2760\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/the-ups-and-downs-of-mobile-threats\/2760\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/android\/","name":"Android"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/2760","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=2760"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/2760\/revisions"}],"predecessor-version":[{"id":30676,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/2760\/revisions\/30676"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/15856"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=2760"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=2760"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=2760"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}