Share

Related Stories

  • Fake Android app market infects thousands of devices with malware
    File under “don’t get off the boat:” A fake apps market for Android devices is serving up malware that has already stolen between 75,000 and 450,000 pieces of personal information from unwitting consumers within the first two weeks of its existence. The takeaway? Stick with official mobile apps, of course.
  • 99% of mobile malware targets Android
    The fact that Android malware is an escalating issue comes as no surprise, but a recent analysis of its sheer 'market share' of the mobile malware universe is noteworthy.
  • Android spambot spreads by offering free games
    File under 'if it sounds too good to be true, it probably is': A new Android trojan is spreading rapidly through SMS messages that offers free stuff, like $1,000 Target gift certificates and free games.
  • After Zitmo comes Citmo – Carberp in the mobile
    The Eurograbber campaign exposed earlier this month, netting €36 million for the criminals, was a Zeus-in-the-mobile (Zitmo) attack. Late last week, the AV companies started to warn about new Android trojans: Citmo, or Carberp-in-the-mobile.
  • Kaspersky: 2012 saw billions of new attacks, especially Mac, Android
    Web-based attacks are growing exponentially, according to Kaspersky Lab, which said that a surge in web attacks lately has resulted in it blocking more than 1.5 billion attacks and 3 billion infected files in 2012. The security firm said that it now detects 200,000 new malicious programs every day.

Top 5 Stories

News

Cybersecurity faces mostly 'post-PC' threats

23 January 2013

Even as the existing cybersecurity threat landscape becomes more complex, IT departments should be looking to the next wrinkle: cybercriminals have moved beyond the PC, targeting Android, social media and the Mac OS X with new attacks.

It is a “post-PC” world characterized by pervasive mobility and a range of smart devices that extend beyond the Windows machine paradigm. And for that reason, Trend Micro is warning in its 2012 Annual Security Roundup that the signs very clearly point to the biggest growth area for cyber-criminals like in the world beyond the desktop environment.

The study found that 2012 ended with 350,000 threats for Android devices – a sliver of traditional PC threats. However, consider this: the malware growth ratio reached 14 to 3 for Android versus PC, and it only took Android three years to achieve the equivalent volume that PC threats achieved within 14 years.

“For Android, it is no longer a case of directly installing malicious apps in smartphones,” researchers said. “Now, URLs are able to either wipe data from phones or take over devices. Smartphones are now facing the same kinds of threats previously seen on their PC cousins, all in roughly three years.”

Android, put simply, is a victim of its own success. “This explosive malware growth mirrors the growth of the Android OS itself,” Trend Micro said. “IDC estimates that as many as three-fourths of all smartphones shipped in the third quarter ran the Android OS. Since cyber criminals go after the most commonly used OS, Android has attracted the bulk of cybercriminal attention on mobile platforms to date.”

Two major mobile malware types dominated 2012. First, premium service abusers, which subscribe users to various “services” that add to their bills, were a top vector. And secondly, high-risk apps, which violate user privacy by acquiring sensitive data without asking for explicit consent, were in abundance.

“Android is well on its way to becoming the Windows of the mobile space,” Trend Micro concluded. “The popularity of Windows means that it has faced the lion’s share of desktop threats for years. Similarly, the large Android market was the target of most mobile threats, but their rate of volume growth and complexity swelled at a much faster pace compared with PC malware.”

The report also found that in 2012, Java supplanted pure Windows-based threats in the attackers' crosshairs leading, among other things, to the first widespread attack against the Mac, the firm said.

Also, social media platforms continued to grow as areas of concern with attackers targeting them more, users putting themselves at risk by oversharing on them, and their legitimate services being co-opted to support cybercriminal activities.

Meanwhile, attackers adopted more professional software development practices rather than introducing new attacks. The Blackhole Exploit Kit, automatic transfer systems (ATSs) and ransomware were all refined and improved with new features in ways that Trend Micro noted “would make any commercial software vendor proud.”

This article is featured in:
Application Security  •  Industry News  •  Malware and Hardware Security  •  Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×