Share

Related Stories

  • DoD approves Android, BlackBerry 10 smartphones for use by soldiers
    US soldiers will soon be able to get their Android on…sort of. The US Department of Defense has approved the use of Samsung’s hardened, secure version of Android in smartphones used by the military, along with BlackBerry 10 devices.
  • BadNews Android malware pushes fraud schemes
    A new mobile malware family, the appropriately named BadNews, has been found in 32 apps across four different developer accounts in Google Play. It masquerades as an advertising network, but in actuality pushes fraud-oriented malware and other “monetization” bugs.
  • Mobile malware increased by 163% in 2012; 95% aimed at Android
    Android is the prime target for mobile malware; China is the most infected country; criminality is getting better organized; users are not learning lessons; and there’s no improvement in sight – all from the latest report on mobile malware.
  • Pincer.A – new Android trojan warning
    A new Android trojan that pretends to be a security feature has been discovered. Once installed, it displays a ‘certificate’ logo, which, if clicked, pops up a message: “Certificate installed successfully! Your device is protected now.”
  • Tibetan, Uyghur activists targeted with Android malware
    Tibetan and Uyghur activists are once again in the cross-hairs of cybercriminals bent on espionage and tracking their movements. This time, however, the attack was carried out via Android malware.

Top 5 Stories

News

Game-changer: Android malware moves beyond apps

15 May 2013

Android malware authors have officially turned the complexity corner, according to an analysis of mobile malware for the first quarter of 2013. The size and scope of the Android threatscape is evolving, adding new tactics and advanced approaches that extend beyond malicious applications.

According to F-Secure Labs' latest Mobile Threat Report, Q1 saw Android threat distribution reach outside of apps for the first time, via email spam, the first targeted Android attacks and the first Android advanced fee-fraud scam. Additionally, examples of increased commoditization of Android malware surfaced.

"I'll put it this way: Until now, I haven't worried about my mother with her Android because she's not into apps,” said Sean Sullivan, security advisor at F-Secure Labs, in announcing the report. “Now I have reason to worry because with cases like Stels, Android malware is also being distributed via spam, and my mother checks her email from her phone."

The Android trojan known as Stels has begun distributing via fake US Internal Revenue Service-themed emails, using an Android crimeware kit to steal sensitive information from the device, and monetizing itself by making calls to premium numbers. This type of mobile malware commoditization "could be a game changer," according to Sullivan.

Q1 also saw the first targeted attacks in the mobile space. Tibetan human rights activists were targeted with emails that contained an Android-malware-infected attachment, and a so-called "coupon app" for a popular coffee chain steals information from phones with South Korean country codes.

Mobile devices are being targeted in India, too, where the first Android advanced fee fraud surfaced. A fake "job offer" Android app in India informs that the user is being considered for a position at TATA Group, an Indian multinational company. To arrange the interview, the app asks for a refundable security deposit.

Apple-heads can rejoice though: while the number of new mobile threat families and variants continued to rise in the quarter (by 49% from the quarter before), none of them relate to the iPhone or iPad. The number of families rose from 100 to 149, and F-Secure said that Android accounted for 136, or 91.3% of these. The other 13 (8.7%) were for the Symbian mobile operating system.

Overall, the report shows increasing rates of malware development as well: the Q1 2013 numbers are more than double that of a year ago, when 61 new families and variants were discovered.

This article is featured in:
Application Security  •  Industry News  •  Internet and Network Security  •  IT Forensics  •  Malware and Hardware Security  •  Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×