By late January 2014, Kaspersky Lab had accumulated about 200,000 unique samples of mobile malware, up 34% from November 2013 – for context, two months earlier just over 148,000 samples had been recorded. Android is still target No. 1, attracting a whopping 98.05% of known bugs.
“The mobile world is one the fastest-developing IT security areas,” the company said in the report. “In 2013 security issues around mobiles have reached new heights and attained a new level of maturity in terms of both quality and quantity.”
It added, “If 2011 was the year when mobile malware gained traction, especially in Android-land, and 2012 was the year of mobile malware diversification, then 2013 saw mobile malware come of age. It’s no great surprise that mobile malware is approaching the PC threat landscape in terms of cybercriminal business models and technical methods; however the speed of this development is remarkable.”
Where are they coming from? By the end of January, the official Google Play market offered 1.10 million applications total. But it’s the third-party app stores that are most worrying.
Kaspersky said that Google’s mobile OS is a particular target because of “Android’s leading market position, the prevalence of third party app stores and the fact that Android has a rather open architecture, making it easy to use for both app developers and malware authors alike. We do not expect this trend to change in near future.”
Alternative, unofficial stores have many more apps – and these are more likely to be malicious, as they aren’t subjected to any type of certification or testing process. Interestingly, Kaspersky said that the majority of malicious Android applications are being developed in Russia.
In most cases malicious programs target the user’s financial information – no surprise really, given the rise of mobile banking and mobile wallets. This was the case, for example, with the mobile version of Carberp trojan, which steals user credentials as they are sent to a bank server.
SMS trojans remain the most common issue, and these, “with a few exceptions, have evolved into bots, so we can easily unite the leaders of both into a single category – Backdoor Malware.” A full 62% of malicious applications are elements of mobile botnets.
“Mobile botnets actually offer a significant advantage over traditional botnets: smartphones are rarely shut down, making the botnet far more reliable since almost all its assets are always available and ready for new instructions,” Kaspersky explained. “Common tasks performed by botnets include mass spam mail-outs, DDoS attacks and mass spying on personal information, all of them non-demanding actions in terms of performance and easily achieved on smartphones.”
The MTK botnet, appearing in early 2013, and Opfake, among many others, are proof that mobile botnets are no longer just a playground for cybercriminals, but have become common practice to serve the main purpose: financial profit, the firm added.