The open-source nature of the Android platform is its biggest strength and Achilles heel at the same time. Android handsets constituted almost 72% of global smartphone sales in Q3 2012 and 1.3 million Android devices are activated worldwide every single day. This is a staggering market share that Android enjoys but this brings with it the risks of viruses, phishing attacks and other malicious software.
Quick Heal’s Research & Development Center receives about 500 Android malware samples on a daily basis. Mobile malware modification saw an 80% increase in 2012 and a 30% overall growth in mobile malware as compared to 2011.
The nature of these malware samples varies considerably from desktop malware since the features and functions of smartphones are in stark contrast. Smartphone users store a lot of personal data on the devices that they carry with them at all times. Unfortunately, public awareness about these aspects is still in its infancy.
Quick Heal Mobile Threats Report (Global) shows that SMS Trojans accounted for 38% of all threats. Other Trojan variations constituted a considerable 21% of all malware families. Apart from these, we also found modifications of Rooters, Adware, Backdoors and Spyware.
Top 10 Android malware families detected in 2012
Here is a list of the top 10 Indian Android malware that were received by our R&D center during 2012.
|
Malware Families |
Description |
|
Android.BoxerSms |
This Trojan disguises itself as a popular app like Angry Birds or Skype and sends out messages to country specific premium-rate numbers in the background. It also poses as a defective download to fool victims into installing it multiple times. |
|
Android.GingerMaster |
This Trojan targets Android 2.3.3 (Gingerbread) and is found embedded with fake versions of popular games. Once installed, it gains root access and sends out confidential device information and downloads other malicious applications. |
|
Android.Airpush |
This adware links devices to aggressive advertising networks and displays ads at any time, especially in the notification area and in SMS messages. Airpush accompanies malicious apps and also reads browser bookmarks. |
|
Android.Kungfu |
Kungfu uses the GingerBreak exploit to gain root access of a device. It then traps the device in a botnet and hides itself with advanced polymorphic tricks. Once installed, it transmits crucial device information to remote servers. |
|
Android.Leadbolt |
Another form of adware that serves pornographic advertising. In addition to sending data like operator name and phone number to remote servers, it also creates unwanted shortcuts on the homescreen of the Android device. |
|
Android.Kmin |
This Trojan also transmits data like device IMEI, IMSI and other files to premium-rate numbers. It uses clever disguising tricks that utilize HTTP servers to avoid detection. |
|
Android.BaseBridge |
Before this Trojan transmits confidential device information and location data, it locates and disables popular security suites installed on the device. It also obtains root access and drops another malicious payload (Android.Anserver). |
|
Android.GoldDream |
GoldDream gets embedded with legitimate game apps that are altered. Once installed it creates logs of incoming and outgoing SMS messages and calls and shares this data with remote servers. |
|
Android.Ksapp |
This Trojan infects a device and opens a backdoor for other malicious software. All phone details are stored on a remote website. |
|
Android.Plankton |
Another aggressive adware that drops search icons on the homescreen, sets bookmarks, invades the notifications area, sets the home page for browsers and posts confidential data to remote servers. |
Top 10 Global Android malware families
|
Position |
Global Malware Families |
|
1 |
Trojan.GGTracker |
|
2 |
Trojan.Pjapps3.a |
|
3 |
Trojan.SndApp.B |
|
4 |
Trojan.DroidDream |
|
5 |
Trojan.FakeNetFlix.a |
|
6 |
BankingTrojan.FakeToken |
|
7 |
Trojan.Dogowar |
|
8 |
Trojan.Walkinwat |
|
9 |
Trojan.DroidKungfu |
|
10 |
Trojan.Cruise.Win |
2013 threatens to bring a monumental rise in the overall growth of mobile malware numbers and modifications. Advanced attack techniques are constantly being devised by smartphone attackers and these will soon reach the mainstream market. With such large numbers of Android devices functioning all over the world, it is inevitable that attackers target these users. In 2013, people will carry out more financial transactions through their smartphones and also store more confidential information, thus increasing the risk factor. Unfortunately, many people feel that mobile security suites make their device slow and unresponsive. This user negligence will play into the hands of attackers as it will give them an unobstructed path to target their victims.
With the help of innovative social engineering techniques, malicious parties typically target Android devices with the sole intention of monetary benefits. More than 25 billion apps were downloaded from Google Play in 2012, and along with independent third-party application markets, this is the single biggest source of danger to Android device owners all around the world. With the right mobile phone security software, like Quick Heal Mobile Security, these threats can be successfully thwarted to ensure that your device and your data are completely secure.
SOURCE : QUICK HEAL
1 Comment