98% of mobile malware targets Android platform

If you consider all the hot new mobile products coming out of Mobile World Congress 2014, it’s clear that the world as a whole is crazy about mobile devices. While it’s no wonder that cyber crooks are also hot to follow the mobile trend,

Samsung Galaxy S5, Mobile World Congress 2014

Kaspersky Labs says the mobile malware sector is growing so rapidly, “It is safe to say that today’s cybercriminal is no longer a lone hacker but part of a serious business operation” that includes “virus writers, testers, interface designers of both the malicious apps and the web pages they are distributed from, owners of the partner programs that spread the malware, and mobile botnet owners.”

Did you know?…Worldwide, 85% of the population owns a smartphone; 96% of us use our phones to take photos and 70% of mobile devices are used to take “selfies.” Between 2012 and 2013, mobile messaging and social use grew a whopping 203%. According to the Intel IT Center, here's how we use our mobile devices to access social platforms:

Top mobile device usage by day

Since we can use our mobile devices to do most everything from banking to sharing juicy personal tidbits, there’s an entire ecosystem of bad actors wanting a piece of that action. For years, we’ve heard doom and gloom warnings about how mobile malware will explode, but a new mobile malware evolution report from Kaspersky Labs breaks down the threats, techniques and trends from 2013 without screaming that the sky is falling.

The bad guys want their mobile malware to be blessed with a Vulcan lifespan, to live long on the mobile device so the virus writers can prosper. Since a botnet can live longer and therefore be more profitable than an autonomous Trojan, even most SMS-Trojans have botnet functionality. In fact, “about 60% of mobile malware are elements of both large and small mobile botnets.”

Kaspersky Labs “not only saw a radical increase in output from mobile virus writers, but also saw them actively applying methods and technologies that allowed cybercriminals to use their malware more effectively.” One of the most interesting malware technological innovations seen in 2013 involved Google Cloud Messaging.

Kaspersky noted:

By using Google Cloud Messaging, botnet owners can operate without a C&C server, thus eliminating the threat of the botnet being detected and blocked by law enforcement authorities. Google Cloud Messaging is designed to send short message (up to 4 KB) to mobile devices via Google services. The developer simply has to register and receive a unique ID for his applications. The commands received via GCM cannot be blocked immediately on an infected device.

Although Android owners might not want to hear it, the platform is still the top target for malicious attacks. Android owners have been hearing that for years. In fact, back in 2011, Android was dubbed a cyber menace. This time, Kaspersky found that 98.05% of malware targets Android, which confirms “both the popularity of this mobile OS and the vulnerability of its architecture.”

Unfortunately, there is a specific feature of Android vulnerabilities that means it is only possible to get rid of them by receiving an update from the device manufacturers. However, many users are in no hurry to update the operating systems of their products. If a smartphone or tablet was released more than a year ago, it is probably no longer supported by the manufacturer and patching of vulnerabilities is no longer provided. In that case, the only help comes from an antivirus solution.

Kaspersky also mentioned the particularly nasty-sounding malware Svpeng that is “focused on stealing money from the victim’s bank account rather than from his mobile phone.” Svpeng “uses a previously unknown vulnerability to protect itself from being removed manually or by the antivirus program.”

Kaspersky Labs Mobile malware detected in 2013 by platform and category

During 2012-2013, Kaspersky detected about “10,000,000 unique malicious installation packages. In 2013, 3,905,502 installation packages were used by cybercriminals to distribute mobile malware. A total of 143,211 new modifications of malicious programs targeting mobile devices were detected in all of 2013 (as of January 1, 2014).” So many mobile banking Trojans came out in 2013 that it was dubbed the "trend of the year."

Luckily for the USA, Kaspersky said the mobile malware situation “is different. There are no monetization scams involving text messages, meaning there is no clear dominance by mobile SMS Trojans.” Instead, in the US, the biggest malware threats currently “include bots collecting data about infected smartphones.”

Sadly, Americans can’t count on the mobile malware situation staying relatively “safe.” The bad guys get a bit more inventive and innovative every day. For example, today Kaspersky Lab announced finding the first Tor-based Android Trojan. Whether you use Kaspersky antivirus for your mobile device, or another version, make sure you use a security app.

FREE Computerworld Insider Guide: Five IT certifications that won’t break you
Join the discussion
Be the first to comment on this article. Our Commenting Policies