0 Comments |  Planning |  PRINT | 

Mobile malware evolving “frighteningly” fast: Report

Friday, 27 January 2012 | By Michelle Hammond

Malware targeting mobile devices is evolving “frighteningly” fast and has the potential to be even more destructive than ever before, according to a worrying new report.


The AVG Community Powered Threat Report is based on the online security firm’s community protection network traffic and data, collected over a three-month period and analysed by AVG Threat Labs.


It provides an overview of web, mobile devices, spam risks and threats, with statistics obtained from the community protection network, described as an “online neighbourhood watch”.


Information about the latest threats is collected from customers who choose to participate in the product improvement program, and shared with the community to ensure its protection.


According to the latest report, the rise of mobile devices has led to rapid growth of mobile malware, primarily targeting Android-based devices.


“Malware targeting mobile devices [is evolving] frighteningly fast, and the magnitude has the potential of being even more destructive than before,” the report said.


“At the end of 2010, numbers [were] already indicating that new mobile devices were overtaking new purchased PCs… While consumers are going mobile, so are the cyber criminals.”


“We have witnessed the use of the same malicious intent tactics targeting mobile devices: social engineering, stolen or fake certificates to sign malware, rootkits and other tactics.”


In 2011, AVG reported on the rapid growth of malware targeting Android devices, presenting examples of malicious code and infection methods.


According to AVG, this trend continues to grow against a backdrop of the “enormous” growth of activated Android devices in the past six months, from 100 million devices to 200 million.


“Cyber criminals have now clearly discovered phones as an interesting target… 2011 saw a surge in both Android users and Android malware samples,” AVG said in its report.


“In December, Google removed another 22 malicious apps from the Android market, making the total for 2011 pass the 100 mark.”


AVG chief technology officer Yuval Ben-Itzhak says the convergence between computers and mobile phones now applies to malware.


“As phones become more like computers, so do the risks,” Ben-Itzhak says.


“Many sophisticated tricks of the trade from computers are now being repurposed for phones. However, as phones are often tied into billing systems, the gains can be far greater.”


According to AVG, the use of stolen certificates is making its way from PCs to mobile devices. Digital certificates are often used to certify the identity of the author of an application.


If a criminal can get their hands on the certificate belonging to a major software developer, their malware can circumvent security provisions and give users a false sense of security.


Meanwhile, rootkits have become one of the most serious threats to target operating systems in recent years, AVG said.


“Rootkits evolved from commercial and financial use to cyber warfare with a very specific target,” it said.


“Currently, we are witnessing the first phase of the rootkit evolution on mobile devices. They are ever-evolving to be much more sophisticated.”


Finally, the popularity of QR codes has been identified as an ideal way to distribute malware to unsuspecting victims.


“The user does not know what lurks behind the QR code until the malware is already installed and running,” AVG said.


“Putting a malicious QR code sticker onto existing marketing material or replacing a website’s bona fide QR code with a malicious one could be enough to trick many unsuspecting people.”