Mobile Advertising Trojans Top Threat to 2016

Mobile Trojans were declared winners the year they passed. 2016, there has been a nearly three-fold rise in mobile malware detection compared to 2015. In particular, a total of 8,5 million malicious sites have been identified. This means that within just one year, a volume corresponding to 50% of all malware detected in previous 11 years (15,77 million in the 2004-2015 period) was released.

Primitives were the ones mobile devices advertising Trojans which currently constitute 16 of the top 20 malware, compared to 12 in 2015. These are the findings of its annual report Kaspersky Lab called "Mobile Virusology", which also highlights the evolution of Trojans in his area mobile devices banking. Special Interpol Global Complex for Innovation (IGCI) officials contributed to the report with an analysis of the mobile devices malware in Dark Website.Trojans

2016, Kaspersky Lab Security Products for Mobile Devices reported:

  • About 40 million attempts to mobile malware attacks, with over 4 million Android users being protected (the corresponding number was 2,6 million 2015)
  • Over 260.000 detected mobile packages ransomware Trojans (an increase of almost 8,5 times, from year to year)
  • More than 153.000 unique users were targeted by mobile ransomware (an increase of 1,6 times higher compared to 2015)
  • Over 128.000 mobile banking Trojans were detected (about 1,6 times more than 2015)

Trojan advertisers: have your device already made root?

  • The most common types of Trojan 2016 were in ad format, corresponding to 16 from 20 Top Malware

These Trojans are able to catare essential rooting privileges, allowing malware to not only aggressively serve ads to "infected" devices, often rendering them unusable, but also to secretly install other apps. These Trojans were also able to purchase apps on Google Play.

In many cases, Trojans were able to exploit previously patched vulnerabilities points because users had not installed the latest updates.

Furthermore, this malware also installs its extensions to the system index, which makes treatment of the "infected" device quite difficult. Some promotional Trojans have the ability to "pollute" the recovery image, making it impossible to solve the problem even by resetting the factory settings.

Innuendos of this category of malware have been repeatedly found in the official Google Play app store, such as a disguised guide to Pokémon GO. In this case, this application "downloaded" more than 500.000 times and is recognized under the name Trojan.AndroidOS.Ztorg.ad.

Mobile ransomware programs: further increase

  • 167 countries have been attacked by programs Trojan-Ransom, size increased by 1,6 times compared to 2015.
  • Within 2016, 153.258 unique users from 167 countries were attacked by Trojan-Ransom programs. This number is 1,6 times bigger than 2015.

The modern ransomware overlays the windows that run the user with demanding messages, making it impossible to use the device. This item was used by the most popular ransomware software 2016 - Trojan-Ransom.AndroidOS.Fusob.

This Trojan attacks mainly users in Germany, the United States and the United Kingdom, but avoids users in Russia and some neighboring countries. Once it starts, it runs a test in the language of the device and then, after checking the results, it can stop the process. The digital criminals behind these Trojan calls from 100 to 200 dollars to unlock a device. Payment can only be made using pre-paid iTunes cards. King Trojan: an escalating threat

  • 2016, over 305.000 users in 164 countries were attacked by mobile devices banking Trojans, compared with over 56.000 users in 137 countries last year.
  • Russia, Australia and Ukraine are 3 ranking countries that have been attacked, based on the percentage of attacked users mobile devices banking Trojans in relation to users who have fallen victim mobile devices in total.

Mobile banking Trojans have continued to evolve over time. Many of them acquired tools to bypass the new Android security mechanisms and were able to continue stealing user information from the latest versions of the operating system. At the same time, the developers of mobile banking Trojans repeatedly enhanced their creations with new features. For example, the Marcher "family", in addition to the usual overlay of banking applications, often redirects users from of financial institutions on phishing websites. The Dark Web Fallacy

According to experts from the Interpol Global Complex for Innovation (IGCI), who also contributed to the report, the Dark Web remains an attractive medium for conducting illegal businesses and activities. Given its strong anonymity, low prices and customer-centric strategy, the Dark Web provides a means for criminal actors to communicate and engage in commercial transactions, buying and selling various products and services, including mobile malware. Mobile malware is offered for sale as software packages (eg remote access Trojans – RATs), individual solutions and sophisticated tools, such as those developed by professionals or, on a smaller scale, as part of a 'Bot as a Service' model. Mobile malware is also an "object of interest" for προμηθευτών, φόρουμ και social media.

"2016 continued to increase the number of promotional items Trojans who are able to exploit the rights Great-user. Throughout the year, it was the top threat and we do not see any sign of a change in this trend. Digital criminals take advantage of the fact that most devices do not receive operating system updates (or receive them when it is too late), and are therefore vulnerable to old, known and readily available expoits. In addition, we see that mobile devices landscape is becoming 'suffocating' for digital criminals and are beginning to interact more with the world than the smartphones. Perhaps 2017 will see major attacks on IoT components that will be launched from portable devices, writes Roman Unuchek, Senior Malware Analyst of Kaspersky Lab USA.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.082 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).