G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

Similar documents
G DATA MOBILE MALWARE REPORT

MOBILE MALWARE REPORT

G Data Mobile MalwareReport. Half-Year Report July December G Data SecurityLabs

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA

Kaspersky Security 10 for Mobile Implementation Guide

The Increasing Threat of Malware for Android Devices. 6 Ways Hackers Are Stealing Your Private Data and How to Stop Them

Windows Malware Annual Report 2014 And prognosis 2015

BE SAFE ONLINE: Lesson Plan

How To Protect Your Online Banking From Fraud

Five Trends to Track in E-Commerce Fraud

Ibrahim Yusuf Presales Engineer at Sophos Smartphones and BYOD: what are the risks and how do you manage them?

Cyber Security in Taiwan's Government Institutions: From APT To. Investigation Policies

What do a banking Trojan, Chrome and a government mail server have in common? Analysis of a piece of Brazilian malware

Is your business secure in a hosted world?

ASEC REPORT VOL AhnLab Monthly Security Report. Malicious Code Trend Security Trend Web Security Trend

CONSUMER SECURITY RISKS SURVEY 2014: MULTI-DEVICE THREATS IN A MULTI-DEVICE WORLD. July, 2014

The Hidden Dangers of Public WiFi

Don t Fall Victim to Cybercrime:

Secure Your Mobile Workplace

CSUF Tech Day Security Awareness Overview Dale Coddington, Information Security Office

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 2 Systems Threats and Risks

Hesperbot. Analysts at IKARUS Security Software GmbH successfully removed a self-locking Android Malware from an infected smartphone

Malware Trend Report, Q April May June

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

Studying Security Weaknesses of Android System

Stopping zombies, botnets and other - and web-borne threats

WHITE PAPER > THE RISKS & REWARDS OF MOBILE BANKING APPS. The Risks & Rewards of Mobile Banking Apps

Cyber and Mobile Landscape, Challenges, & Best Practices

Types of cyber-attacks. And how to prevent them

10 Quick Tips to Mobile Security

Anthony Minnaar Dept of Criminology & Security Science School of Criminal Justice College of Law University of South Africa

The dramatic growth in mobile device malware. continues to escalate at an ever-accelerating. pace. These threats continue to become more

RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses

Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

DATA SHEET. What Darktrace Finds

WHITE PAPER. Understanding How File Size Affects Malware Detection

Cyber Security Awareness. Internet Safety Intro.

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

QUARTERLY REPORT 2015 INFOBLOX DNS THREAT INDEX POWERED BY

Kaspersky Fraud Prevention platform: a comprehensive solution for secure payment processing

ENTERPRISE MOBILE THREATS. 2014: A Year In Review. I. Introduction. Methodology. Key Highlights ENTERPRISE

Web. Paul Pajares and Max Goncharov. Connection. Edition. ios platform are also at risk, as. numbers via browser-based social.

Securing mobile devices in the business environment

Visa CREDIT Card General Guidelines

2016 Trends in Cybersecurity: A Quick Guide to the Most Important Insights in Security

Monitoring mobile communication network, how does it work? How to prevent such thing about that?

Advanced Online Threat Protection: Defending. Malware and Fraud. Andrew Bagnato Senior Systems Engineer

Whitepaper on AuthShield Two Factor Authentication with ERP Applications

KASPERSKY FRAUD PREVENTION PLATFORM COVERING ONLINE AND MOBILE BANKING RISKS

Mobile App Reputation

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

Protecting against Mobile Attacks

IT Security Community

3. Security Security center. Open the Settings app. Tap the Security option. Enable the option Unknown sources.

platforms Android BlackBerry OS ios Windows Phone NOTE: apps But not all apps are safe! malware essential

Spyware: Securing gateway and endpoint against data theft

Trend Micro Incorporated Research Paper Adding Android and Mac OS X Malware to the APT Toolbox

The Value of Physical Memory for Incident Response

Protecting your Identity, Computer and Property

Managing Web Security in an Increasingly Challenging Threat Landscape

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Identity Theft. CHRISTOS TOPAKAS Head of Group IT Security and Control Office

Internet threats: steps to security for your small business

Guideline for Prevention of Spyware and other Potentially Unwanted Software

Security Best Practices for Mobile Devices

Best Practices for Deploying Behavior Monitoring and Device Control

Cyber liability threats, trends and pointers for the future

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Cyber Security Metrics Dashboards & Analytics

Transcription:

G DATA MOBILE MALWARE REPORT THREAT REPORT: Q1/2015

CONTENTS At a glance 03-03 Forecasts and trends 03-03 Current situation: 4,900 new Android malware samples every day 04-04 Half of Android malware is financially motivated 05-05 Examples for Trojans 06-06 When does advertising become Adware? 07-07 2

AT A GLANCE The global market share of Android smartphones and tablets used for Internet access exceeded 61 percent in the first quarter of 2015. Nearly 60.85 percent of users worldwide used a mobile device with an Android operating system to go online. Definitive malware numbers for Android devices: G DATA security experts identified and analysed 440,267 new malware samples in the first quarter of 2015. This represents an increase of 6.4 percent compared to the fourth quarter of 2014 (413,871). The number of malware strains rose by 21 percent compared to the first quarter of 2014 (363,153). FORECASTS AND TRENDS DEFINITIVE NUMBER OF NEW MALWARE SAMPLES INCREASES SIGNIFICANTLY G DATA security experts expect a rapid increase in numbers of new malware samples in 2015. A figure of over 2 million new Android malware strains is realistic. Users are ever more frequently using Android devices for everyday Internet usage when banking or shopping online. Cyber criminals make strenuous efforts to get malware into circulation here. Financially motivated Android malware makes up around half of the malware analysed (50.3 percent). This type of malware includes banking Trojans, ransomware, SMS Trojans and the like. Many apps, especially free ones, rely on the display of advertising, but at what stage should such applications be considered adware? When apps hide themselves in the background, conceal functions from the user or feed legitimate apps with additional advertising networks, the analysts categorise them as PUPs (potentially unwanted program). THE INTERNET OF THINGS: MOBILE DEVICES AS A GATEWAY Intelligent devices are frequently prone to attack. Whether these are intelligent cars or routers, researchers are coming across more and more security deficiencies. In many cases, smartphones and tablets are being used to control the devices. G DATA security experts are expecting mobile devices to become the focus of attacks as the propagation of the Internet of Things continues. Examples of this are fitness apps and trackers. All of the data collected can be stolen if it is not properly encrypted. 1 Statcounter: http://gs.statcounter.com/#mobile_os-ww-monthly-201501-201503 3

CURRENT SITUATION: 4,900 NEW ANDROID MALWARE SAMPLES EVERY DAY During the first quarter of 2015, G DATA security experts chronicled 440,267 new malware files. This represents an increase of 6.4 percent compared to the fourth quarter of 2014 (413,871). Consequently, the number of new malware programs has risen by 21 percent compared to the first quarter of 2014 (363,153). On average, the experts discovered almost 4,900 new Android malware files every day in the first quarter of 2015, an increase of almost 400 more new malware files per day compared to the second half of 2014. In the first quarter of 2015, the analysts identified a new malware sample every 18 seconds, per hour this makes about 200 new Android malware samples. 2 2 The retroactive figures in this report are higher than those previously published in the reports. In some cases, receives G DATA file collections with a large number of new malicious files from a longer period of time and these sometimes contain older files which are then mapped to the corresponding month. 4

HALF OF ANDROID MALWARE IS FINANCIALLY MOTIVATED 41 percent of European and 50 percent of U.S. consumers use a smartphone or tablet for their banking transactions. 3 Conducting financial transactions on a smartphone or tablet is an area of rapid growth something that cyber criminals have also noticed. For this reason, G DATA security experts have taken a closer look at the new malware files and determined that at least 50 percent of Android malware currently being distributed has a financially motivated origin and includes banking Trojans, SMS Trojans and the like. Counting unknown cases, the number could be even higher, as the experts have only studied malware with a direct financial purpose. If a malware program subsequently installs apps or steals credit card data as an additional process after a payment has been made, the malware does not appear as financially motivated in these statistics. The analysed values in these statistics relate to named (non-generic) malware. No potentially unwanted programs (PUPs) have been included in these statistics. 3 http://www.ezonomics.com/ing_international_survey/mobile_banking_2015 5

EXAMPLES FOR TROJANS SVPENG TROJAN The Svpeng Android Trojan is one example of financially motivated malware. Svpeng, which is known to G DATA as "Android.Trojan.Svpeng.A", combines the functionality of a finance malware program with the potential of ransomware. Depending on the variant, the malware steals access data when a banking app is used or encrypts the device to extort a ransom (ransomware). In the example image, the fraud can be seen from the fact that the descriptions are in Russian. Memory encryption is also requested as a right, entitling the application to encrypt app data. Finally, there is no Flash Player for the Android operating system. FAKETOKEN TROJAN The FakeToken banking Trojan (Android.Backdoor.Token.A) is specifically designed to steal mtans. In doing so, the Android malware disguises itself as one of the applications provided by the user's bank for generating TANs. A message that asks for the app to be installed is displayed by an attack during an online banking session on the mobile device. If the malicious app is then installed, the cyber criminals use the Trojan to access the victim's account. Attackers can log into the user's account using the stolen access data, intercept mtans and transfer money to their own accounts. The perpetrators can then use the data for their own purposes. 6

WHEN DOES ADVERTISING BECOME ADWARE? The purpose of adware is to display advertising to the user and, through the advertisements, generate financial profit first and foremost, as well as data that, in many cases, can be resold. Adware is displayed not only once, but every time a program is launched or the device is restarted. Adware frequently hides in manipulated or fake apps that are installed from sources other than the Play store. But at what point are apps categorised as adware? G DATA security experts draw a clear line on this question: When apps hide themselves in the background, conceal functions from the user or feed legitimate apps with additional advertising networks, the analysts categorise them as PUPs (potentially unwanted programs) and report this to the user. are simply non-existent. This means that publishers can place and offer adware in these applications. EXAMPLE ADWARE HOW DOES A PUP GET ONTO THE MOBILE DEVICE? Google declared war on such apps some time ago. Applications must follow specific guidelines for example, advertising within the app must be declared. Advertising forms that mimic system messages and might deceive or confuse users are forbidden. For example, no advertising can be displayed that emulates the Google Play store. Also forbidden is the placing of shortcuts or icons outside the application. No icons may be used that mimic an existing app in circulation either. The purpose of adware is to display advertising to users and acquire financial profit and data via these adverts. In this example, free copies of well-known apps are purchased via an advertisement that claims to be Google Play. Behind such ads are frequently manipulated apps that contain functions such as spyware or even more adware in addition to their actual functions. This can lead to a real torrent of advertising being dumped onto the user. But how can such applications get onto the mobile device? The answer generally lies in alternative app stores or intrusive advertising networks. Copies of paid-for original apps are often available here at a cheaper price or even for free, but they come packed with potentially unwanted add-ons. The guidelines and verification processes are not clearly regulated in many cases, or Copyright 2015 G DATA Software AG. All rights reserved. This document must not be copied or reproduced, in full or in part, without written permission from G DATA Software AG Germany. Microsoft, Windows, Outlook and Exchange Server are registered trademarks of The Microsoft Corporation. All other trademarks and brand names are the property of their respective owners and must therefore be treated as such. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information