Mobile threats

I’m often asked about the real danger of Android malware. This is a difficult question as it has many factors to consider, such as your location, your device, how many apps you install, and how reckless you are with the apps that you choose.

In the middle of July I wrote about porn SMS senders which covertly subscribed users to a range of premium-rate services with the promise of raunchy images. Now this problem has evolved to SMS Trojans which target users from a number of European countries and Canada.

Recently while browsing Reddit, I found the account of a popular app developer who claims that another developer on the Android Market had stolen his app, added ad spam code to it, and uploaded it under his own account with the same name.

A simple message on a Google forum in August sparked an investigation which would eventually bring down the DigiNotar certificate authority.

In this edition of Lab Matters, Ryan Naraine interviews Kaspersky Lab CTO Nikolay Nikolay Grebennikov about malicious threats on mobile devices. Grebennikov talks about the taxonomy of threats and explains Kaspersky Lab’s vision for protecting data on smart phones.

The following statistics were compiled in October using data collected from computers running Kaspersky Lab products: 161,003,697 network attacks were blocked.

Google has recently announced the forthcoming availability of Ice Cream Sandwich, Android 4.0. In such a short time, Android has seemingly come so far. I’d like to stop and take a look at the security improvements and additions featured in this release.

A relatively new development in app advertising has a concerning feature. It leeches much of the same information that many Android Trojans also steal. Through an app promotion campaign, a new feature called “offerwalls” are used by Pay Per Install (PPI) services to promise further adoption and revenue for app developers. But what is the real danger? It is found in the way these services uniquely identify users and the information they collect.

The following statistics were compiled in September using data collected from computers running Kaspersky Lab products

Online banking is now a run-of-the-mill affair for most.

Cyber-criminals are using malicious QR codes to push malware on Android devices.

In 2010 we noted a decline in the number of players in the fake antivirus market, and as a result, fewer counterfeit programs used to distribute fake antivirus products

The first version of ZeuS-in-the-Mobile (ZitMo), malware which targets mTANs, was discovered in the end of September 2010. And now please ‘welcome’ ZeuS-in-the-Mobile for Android.

Various malware and riskware programs created for mobile platforms with premium rate SMS usage have been a huge problem for a very long time for users from countries like Russia, Ukraine or China. What about other countries?

Some major events have taken place since the publication of Mobile Malware Evolution: An Overview, Part 3.