
Android OS is favorite target of malware developers

Android was the dominant platform of choice for malware developers in 2013, representing 96.5% of all mobile malware infections, according to a new report.

The year 2013 brought a bumper crop of malware targeting mobile devices. Android was the dominant platform of choice for malware developers, representing 96.5% of all mobile malware infections, according to a whitepaper released by Fortinet’s FortiGuard Labs. Symbian was a distant second at 3.45%, and iOS, BlackBerry, PalmOS and Windows together don’t even warrant 1%.

“The rapid growth of malware targeting Android continues to be of concern to system administrators who have implemented a mobile device strategy on their networks,” said Axelle Apvrille, senior mobile antivirus researcher with Fortinet’s FortiGuard Labs. “FortiGuard Labs detected over 1,800 new distinct families of viruses in the past year, and the majority of those are targeting Google’s Android platform. Looking at the growth of Android malware, we can see that there is much to be concerned about in 2014. The growth shows no signs of slowing; in fact, the growth seems to be accelerating. As more Android-based devices are purchased and taken online, the opportunities for attackers to infect increase as well.”

While attacks on platforms such as Symbian wane, attackers have made Android the number one mobile target. The NewyearL.B Android malware, which was bundled inside seemingly harmless downloads like a flashlight application, continued to target millions of devices and was the number one mobile malware family seen all year. Unwitting users looking to try out the latest games or apps find themselves unknowingly sharing a wealth of personal information with an attacker, leading to obtrusive advertisements and other negative effects, such as giving NewyearL.B permission to add and remove system icons and to modify and delete the contents of any external storage. And the distribution of Android malware continues to accelerate.

“Clearly cybercriminals are putting a substantial amount of effort into churning out hundreds of thousands of new variants daily in the hopes that some of them will be successfully implanted on a target device,” Apvrille said.


Top 10 Mobile Malware Families based on Reported Incidents
1. Android/NewyearL.B
2. Android/DrdLight.D
3. Android/DrdDream
4. Android/SMSSend Family
5. Android/OpFake Family
6. Android/Basebridge.A
7. Android/Agent Family
8. Android/AndCom.A
9. Android/Lotoor Family
10. Android/Qdplugin.A

ZeroAccess: The Most Prolific Botnet of the Year
Earlier in 2013, FortiGuard Labs reported on the ZeroAccess botnet and how its controllers were systematically adding about 100,000 new infections weekly, leading researchers to believe that the person or persons behind it were not only paying a substantial amount of money weekly to generate new affiliate infections, but that they were able to make a significant amount of money doing so.

“Like other cybercriminals, ZeroAccess’s owners have taken pages from the playbooks of legitimate businesses and made successful attempts to diversify their income generation,” said Richard Henderson, security strategist with Fortinet’s FortiGuard Labs. “We saw 32- and 64-bit versions of ZeroAccess being used to commit click fraud, search engine poisoning and to mine Bitcoin. With the dramatic rise in Bitcoin value over 2013, it’s likely that the owners of ZeroAccess have profited substantially on the backs of their victims.”

Top 10 Botnets Based on Reported Incidents with Percentage of Overall Dominance
1. ZeroAccess (88.65%)
2. Andromeda (3.76%)
3. Jeefo (3.58%)
4. Smoke (2.03%)
5. Morto (0.91%)
6. Mariposa (0.43%)
7. Waledac (0.18%)
8. IMDDOS (0.18%)
9. Mazben (0.15%)
10. Torpig (0.10%)

ZeuS is Still the King of the Malware Hill
In terms of general PC malware, the ZeuS trojan took the top spot in 2013, with over 20 million attempts to infect FortiGate-protected networks. ZeuS first showed up on computers in 2007 and has been a thorn in the side of Internet users ever since. The 2011 leak of ZeuS’ source code led to an explosion of copycat variants by aspiring cybercriminals looking to make their fortunes on the backs of innocent victims.


“An interesting and nefarious development late in 2013 saw ZeuS infections being used in a new way,” Henderson continued. “While ZeuS was often used as a financial trojan, a significant number of ZeuS infections were used to deliver and execute the Cryptolocker ransomware. Cryptolocker put a new spin on ransomware in that it used uniquely generated cryptographic key pairs to fully encrypt the contents of a victim’s computer, and any mapped drive the victim had the ability to write to. Cryptolocker would then inform the victim they had a short period of time to pay a significant ransom − sometimes as much as a few hundred dollars, and typically only paid using the Bitcoin cryptocurrency − before the encryption key used to encrypt the victim’s computer was deleted, making the victim’s files completely unrecoverable.”

Victims ranged from home users losing thousands of personally significant files such as photographs and home movies, to businesses of all sizes and public agencies. Cryptolocker was also seen to infect users via other methods, including infected flash drives, often in combination with fake program activation tools commonly spread through file sharing sites and through infected email attachments.
 
Top 10 Malware Families Based on Number of Reported Incidents
1. W32/ZeuS(Zbot) Family
2. W32/Tepfer Family
3. JS/FBJack.A
4. PDF/Script.JS
5. W32/ZeroAccess Family
6. W32/Kryptik Family
7. JS/IFrame Family
8. W32/Yakes.B
9. X97M/Agent.F
10. W32/Blocker Family
