All the latest UK technology news, reviews and analysis

Android under siege from 100,000-strong malware horde

16 Aug 2013
Google Android

The amount of mobile malware targeting the Android community has boomed over the last four months, according to security firm Kaspersky.

Kaspersky researchers reported detecting 100,000 mobile malware variants during the second quarter of 2013, in its latest IT Threat Evolution report.

"Virtually all mobile samples that were discovered in the mobile realm were targeting Android in Q2 - just like in the first quarter of the year. One remarkable milestone was reached right at the end of the quarter - on 30 June the 100,000 modifications barrier (consisting of 629 malware families) was broken," read the report.

The report said 29,695 of the attacks were entirely new, marking a quickening in pace by hackers, who are believed to have created 22,750 new Android malware variants in the previous quarter. The paper said the figure is particularly troubling as each of the malware variants is being carried on a number of Trojan apps.

"We're not counting individual malicious apps, but malicious code samples. These code samples, however, are mostly used in multiple Trojanised apps, resulting in a significantly higher number of malicious apps waiting to be downloaded," read the report.

"The common procedure for cyber criminals is to download legitimate apps, adding malicious code and using them as a vehicle for distribution. The repackaged apps are then uploaded again, especially to third-party app stores. Popular apps are targeted to abuse their reputation, since users are actively searching for them and this therefore makes life easier for cybercriminals."

The researchers highlighted the discovery of a new Obad Trojan as being particularly troubling, confirming it has several new features.

"Those who created [Obad] took advantage of yet another previously unknown flaw in Android OS, which enables a malicious program to gain extended Device Administrator privileges without being listed among the applications having such privileges," they noted.

"This makes it impossible to remove the malware from the mobile device. Overall, the malicious program exploits three previously unpublished vulnerabilities. We have never encountered anything like it before in mobile malware."

The paper listed the Trojan as being particularly dangerous as it grants criminals a variety of powers over the infected device. "It can send SMS messages to premium numbers, download and install other malware on the infected device and/or send it via Bluetooth, as well as remotely perform commands from the console," read the report.

The growth in mobile malware comes during a wider boom in global cybercrime levels, with Kaspersky claiming to have neutralised 983,051,408 incidents during Q2 2013.

Mobile malware has been a growing concern within the security community, with vendors reporting new sophisticated attacks and vulnerabilities on a near daily basis. Most recently Symantec reported finding a flaw in Google Android's cryptographic protocols leaving as many as 360,000 applications open to attack.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

Work location poll - office, remote or home?

Where do you spend most time working on your primary work device?

Popular Threads

Powered by Disqus
LG G Flex 2 hands-on review

CES 2015: LG G Flex 2 video

A closer look at LG's latest curved-screen smartphone

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Beacon technology: what are the opportunities and how does the technology work?

This paper seeks to provide education and technical insight to beacons, in addition to providing insight to Apple's iBeacon specification


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

.NET Software Developer - C# - Cloud Software Specialists

.NET Software Developer - C# - Cloud Software Specialists...

Infrastructure & Network Analyst

Infrastructure & Network Analyst Solihull (and...

CRM System Officers

At the University of Derby, people are at the heart of...

Business Intelligence Analyst

Citywire is a global publishing company with offices...
To send to more than one email address, simply separate each address with a comma.