The growing threat of mobile malware: Top Android malware families


The open-source nature of the Android platform is its biggest strength and its Achilles heel at the same time. Android handsets constituted almost 72% of global smartphone sales in Q3 2012, and 1.3 million Android devices are activated worldwide every single day. Android enjoys a staggering market share, but this brings with it the risks of viruses, phishing attacks and other malicious software.

Quick Heal’s Research & Development Center receives about 500 Android malware samples on a daily basis. In 2012, mobile malware modifications saw an 80% increase and mobile malware saw 30% overall growth as compared to 2011.

The nature of these malware samples differs considerably from that of desktop malware, since the features and functions of smartphones are in stark contrast to those of desktops. Smartphone users store a lot of personal data on the devices that they carry with them at all times. Unfortunately, public awareness about these aspects is still in its infancy.

Quick Heal Mobile Threats Report (Global) shows that SMS Trojans accounted for 38% of all threats. Other Trojan variations constituted a considerable 21% of all malware families. Apart from these, we also found modifications of Rooters, Adware, Backdoors and Spyware.

Android Malware Types

Top 10 Android malware families detected in 2012
Here is a list of the top 10 Indian Android malware families received by our R&D center during 2012.

Android Malware Families

| Malware Families | Description |
|---|---|
| Android.BoxerSms | This Trojan disguises itself as a popular app like Angry Birds or Skype and sends out messages to country-specific premium-rate numbers in the background. It also poses as a defective download to fool victims into installing it multiple times. |
| Android.GingerMaster | This Trojan targets Android 2.3.3 (Gingerbread) and is found embedded with fake versions of popular games. Once installed, it gains root access, sends out confidential device information and downloads other malicious applications. |
| Android.Airpush | This adware links devices to aggressive advertising networks and displays ads at any time, especially in the notification area and in SMS messages. Airpush accompanies malicious apps and also reads browser bookmarks. |
| Android.Kungfu | Kungfu uses the GingerBreak exploit to gain root access to a device. It then traps the device in a botnet and hides itself with advanced polymorphic tricks. Once installed, it transmits crucial device information to remote servers. |
| Android.Leadbolt | Another form of adware that serves pornographic advertising. In addition to sending data like operator name and phone number to remote servers, it also creates unwanted shortcuts on the homescreen of the Android device. |
| Android.Kmin | This Trojan also transmits data like device IMEI, IMSI and other files to premium-rate numbers. It uses clever disguising tricks that utilize HTTP servers to avoid detection. |
| Android.BaseBridge | Before this Trojan transmits confidential device information and location data, it locates and disables popular security suites installed on the device. It also obtains root access and drops another malicious payload (Android.Anserver). |
| Android.GoldDream | GoldDream gets embedded with legitimate game apps that are altered. Once installed, it creates logs of incoming and outgoing SMS messages and calls and shares this data with remote servers. |
| Android.Ksapp | This Trojan infects a device and opens a backdoor for other malicious software. All phone details are stored on a remote website. |
| Android.Plankton | Another aggressive adware that drops search icons on the homescreen, sets bookmarks, invades the notifications area, sets the home page for browsers and posts confidential data to remote servers. |

Top 10 Global Android malware families

| Position | Global Malware Families |
|---|---|
| 1 | Trojan.GGTracker |
| 2 | Trojan.Pjapps3.a |
| 3 | Trojan.SndApp.B |
| 4 | Trojan.DroidDream |
| 5 | Trojan.FakeNetFlix.a |
| 6 | BankingTrojan.FakeToken |
| 7 | Trojan.Dogowar |
| 8 | Trojan.Walkinwat |
| 9 | Trojan.DroidKungfu |
| 10 | Trojan.Cruise.Win |

2013 threatens to bring a monumental rise in the overall growth of mobile malware numbers and modifications. Advanced attack techniques are constantly being devised by smartphone attackers and these will soon reach the mainstream market. With such large numbers of Android devices functioning all over the world, it is inevitable that attackers target these users. In 2013, people will carry out more financial transactions through their smartphones and also store more confidential information, thus increasing the risk factor. Unfortunately, many people feel that mobile security suites make their device slow and unresponsive. This user negligence will play into the hands of attackers as it will give them an unobstructed path to target their victims.

With the help of innovative social engineering techniques, malicious parties typically target Android devices with the sole intention of monetary gain. More than 25 billion apps were downloaded from Google Play in 2012, and along with independent third-party application markets, this is the single biggest source of danger to Android device owners all around the world. With the right mobile phone security software, like Quick Heal Mobile Security, these threats can be successfully thwarted to ensure that your device and your data are completely secure.


SOURCE : QUICK HEAL
