Android threat report by Kaspersky for 2022: malware on Google Play and inside the Vidmate in-app store, mobile malware statistics.

Reports

In October 2022, we identified an active infection of government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions.

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal data. In 2022, we observed a DNS changer function implemented in its Android malware Wroba.o.

We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its arsenal.

In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government organizations.

Malware reports

The mobile malware threat landscape in 2022

Crimeware trends: self-propagation and driver exploitation

IT threat evolution in Q3 2022. Non-mobile statistics

IT threat evolution in Q3 2022. Mobile statistics

IT threat evolution Q3 2022

A look at the 2020–2022 ATM/PoS malware landscape

Uncommon infection and malware propagation methods

IT threat evolution in Q2 2022. Mobile statistics

IT threat evolution in Q2 2022. Non-mobile statistics

IT threat evolution Q2 2022

IT threat evolution in Q1 2022. Mobile statistics

IT threat evolution Q1 2022

IT threat evolution in Q1 2022. Non-mobile statistics

Mobile malware evolution 2021

IT threat evolution in Q3 2021. Mobile statistics

Congratulations, you’ve won! The reality behind online lotteries

Keyloggers: How they work and how to detect them (Part 1)

Scammers’ delivery service: exclusively dangerous

Subscribe

Reports

Bad magic: new APT found in the area of Russo-Ukrainian conflict

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

BlueNoroff introduces new methods bypassing MoTW

Ransomware and wiper signed with stolen certificates

Subscribe to our weekly e-mails