Top 5 Deadliest Mobile Malware Threats Of 2012

  /     /     /  
Publicated : 22/11/2024   Category : security


Top 5 Deadliest Mobile Malware Threats Of 2012


Security pros discuss the most prolific and complex mobile malware threats to appear so far in 2012



While the amount of malicious software focused on the growing number of mobile devices on the market remains a drop in the bucket next to the amount targeting PCs, attackers are steadily turning the devices in consumers pockets into targets.
So far this year, several pieces of malware have popped onto the radar and underscored the growing sophistication of cybercriminals targeting mobile devices. After fielding feedback from security pros, here in no particular order is Dark Readings list of the five most dangerous, sophisticated, and prolific pieces of mobile malware that have appeared thus far in 2012.
1. FakeInst SMS Trojan and its variants
FakeInst disguises itself as popular apps like Instagram, Opera Browser, [and] Skype, and sends SMS messages to premium-rate numbers, says Jerry Yang, vice president engineering at mobile security firm TrustGo.
It is selected because it has been widely infected. There are many variants in the FakeInst family, such as RuWapFraud, Depositmobi, Opfake, and JiFake, Yang says. Sixty percent of total Android malware we found belong to the FakeInst family. Geographically, it mainly exists in Russia. There are also samples found from all over the world.
2. SMSZombie
Also on the list is
SMSZombie
, which was recently spotted in third-party markets in China and has infected more than 500,000 devices in the past few weeks. The malware works by sending SMS messages to China Mobiles online payment system and top-up designated accounts, Yang explains.
The amount of payment, frequency, and destination are all controlled by malware developer, he says. It is significant because it takes extra steps to protect itself.
Once installed, it obtains Device Admin privileges and is very difficult to remove, prompting TrustGo to publish details of a manual removal process on its blog.
We expect more Android malware will adopt similar techniques to protect themselves, he says.
3. NotCompatible
Discovered by Lookout Mobile Security in April, NotCompatible is the first piece of mobile malware that used websites as a targeted distribution method, notes Derek Halliday, lead security product manager at Lookout.
NotCompatible is automatically downloaded when an Android browser visits an infected website, he says. The downloaded application is disguised as a security update in an attempt to convince the user to install it.
If it successfully installed, NotCompatible can potentially be used to gain access to private networks by turning an infected Android device into a network proxy, and can be used to gain access to protected information or systems, Halliday says.
4. Android.Bmaster
Bundled in with legitimate applications, Android.Bmaster was spotted on a third-party Android app market earlier this year. The majority of the infected victims were Chinese users. Once on the device, the malware swiped sensitive data from the phone, including the Cell ID, location area code, and IMEI (International Mobile Equipment Identity) number, and caused users to send SMS messages to premium numbers.
Analysis of Android.Bmasters
command-and-control
servers indicate the total number of infected devices connected to the botnet over its entire life span numbered in the hundreds of thousands, says Kevin Haley, director of Symantec Security Response. The number of infected devices able to generate revenue on any given day ranged from 10,000 to 30,000, enough to potentially net the botmaster millions of dollars annually if the infection rates are sustained.
5. LuckyCat
LuckyCat was the name given to a campaign of targeted attacks that struck the aerospace and energy industries in Japan as well as Tibetan activists and others. To broaden their attack, the perpetrators have brought the attack to the
Android platform
.
Once installed, the application displays a black icon with the text testService, and opens a backdoor on the device to steal information.
Luckycat is the first APT [advanced persistent threat] targeting Android platform, TrustGos Yang says. It is a Trojan horse for Android devices that opens a back door and steals information on the infected device.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Top 5 Deadliest Mobile Malware Threats Of 2012