Mobile threats

Mobile applications have become one of the most efficient attack vectors, and one of the favorite methods of cybercriminals is the abuse of popular applications.

Applications that gain root access to a mobile device without the user’s knowledge can provide access to much more advanced and dangerous malware, in particular, to Triada, the most sophisticated mobile Trojans we know.

As the functionality of mobile devices and mobile services grows, the appetite of cybercriminals who profit from mobile malware will grow too. Malware authors will continue to improve their creations, develop new technologies and look for new ways of spreading mobile malware. Their main aim is to make money.

After analyzing all the known malware modifications in Acecard family, we established that they attack a large number of different applications. In particular, the targets include nine official social media apps.

We were recently analyzing a family of mobile banking Trojans called Asacub, and discovered that one of its C&C servers is also used by CoreBot, a Windows spyware Trojan. This prompted us to do a more detailed analysis of the mobile banking Trojan.

Despite a strong data encryption, a compromised mobile end point is completely exposed to spying, since threat actors have the same ability to read messages as users themselves. Threat actors don’t need to struggle with encryption algorithms, nor intercept data at the network layer level.

In the third quarter of 2015 Kaspersky Lab solutions detected and repelled a total of 235,415,870 malicious attacks from online resources located all over the world. There were 5,686,755 registered notifications about attempted malware infections that aim to steal money via online access to bank accounts.

The malicious VK Music app not only lets you listen to music but also steals the login details of those using the popular Russian social networking site VKontakte. According to our estimates, the attackers may have stolen the accounts of hundreds of thousands of users.

We analyzed the statistics we had collected from May to August 2015 and identified three main Trojan families that use root privileges on the device to achieve their goals.

In the second quarter of 2015 Kaspersky Lab solutions detected and repelled a total of 379,972,834 malicious attacks from online resources. There were 5,903,377 registered notifications about attempted malware infections aiming at stealing money via online access to bank accounts. Were detected 291,887 new malicious mobile programs.

Presentation content here mostly focuses on technologies used in fighting malware and the general misuse of mobile and computing power for serious criminal activities.

In the first quarter of 2015 Kaspersky Lab products detected a total of 2,2 bln malicious attacks and more than 93 mln unique malicious URLs. The story of the powerful Equation cyberespionage group was perhaps the most talked-about news story of Q1.

Trojan-SMS.AndroidOS.Podec proved to be remarkable: it can send messages to premium-rate numbers employing tools that bypass the Advice of Charge system. It can also subscribe users to premium-rate services while bypassing CAPTCHA.

Last night I got a unexpected SMS in German language on one of my phones. A message from “Lisa”, pretending to know me, including an url luring the reader to a picture of her.

A modern smartphone is a full-blown working tool, an entertainment center and a tool to manage your personal finances. The more it can do, the more attractive it is to cybercriminals. The evidence for this is clear when we look at the rapid growth in the numbers of mobile Trojans.