Google Pulls Malware From Android Market; Also, $1M Stolen This Year Due to Malware

[dgstorm]

In two separate reports there has been some notable movement in the issue of Android malware. The first report indicates that Google has recently pulled some malware from the Android Market, called RuFraud, that was an SMS hole exploit. "Android.RuFraud poses as popular games like Angry Birds, Assassins Creed or Tetris and can affect users across Europe and Russia." It has primarily affected European markets, but shows a disturbing trend that is expected to get worse in 2012. The exploit basically tricked users into sending SMS messages to premium-rate phone lines.

The second report comes directly from the security company, Lookout Security, and also indicates that malware is on the rise and will continue to worsen in 2012. Their report shared that more than $1 Million has been stolen over 2011 because of malware fraud on Android devices. Here is their full press release:

Lookout Unveils 2012 Mobile Threat Predictions: Mobile Pickpocketing, Botnets and Automated Repacking Will Be On the Rise

More than $1 Million Stolen from Android Users in 2011; Likelihood of Annual Malware Infection Rises to 4%

San Francisco – December 14, 2011 – Lookout Mobile Security, the global leader in mobile security, today unveiled its 2012 Mobile Malware Predictions, based on data collected from its Mobile Threat Network, which includes more than one million apps and 15 million user devices worldwide. Mobile threats are on the rise – Lookout estimates that mobile threats successfully stole more than one million dollars from Android users in 2011. In 2012, Lookout predicts that the criminal business of malware will be more profitable than ever before as the possibility of monetizing mobile devices grows and the cost of infecting devices lessens.

In the report, Lookout reveals that the annual likelihood of an Android user encountering malware today has increased to 4% up from a 1% likelihood measured at the beginning of 2011. Web-based mobile threats are also an important component of Lookout’s research, and the company found Android users worldwide have a 36% chance of clicking on an unsafe link in 2011. In the United States, the likelihood of encountering an unsafe link is higher than the global average at 40%. Additionally in the report, Lookout anticipates the methods that would-be thieves will use to target mobile users directly and discusses tips for consumers to protect themselves.

“2011 was a watershed year in terms of the types threats we saw emerging. Threats had greater sophistication and were deployed using more innovative and efficient distribution methods,” said Kevin Mahaffey, co-founder and chief technology officer at Lookout. “In 2012, we expect to see the mobile malware business turn profitable. What took 15 years on the PC platform has only taken the mobile ecosystem two years.”

Mobile Malware Monetization Trends

Mobile Pickpocketing (SMS/call fraud). In 2012, Malware writers will continue to steal money directly from consumers by accessing their mobile devices’ ability to charge phone bills via SMS billing and phone calls. Earlier this year, Lookout identified GGTracker, the first mobile malware that steals money from users in the U.S and earlier this week Lookout identified another Android Trojan, RuFraud, targeting Eastern European users.

Botnets. To date, Lookout notes botnet networks have yet to be used at scale. In 2012, Lookout anticipates malware writers could secretly integrate thousands of mobile devices into extensive botnet-like networks to distribute spam, steal private info, and install other malware. DroidDream and Geimini are examples of botnets.

Vulnerable Phones. Due to the difficulty of updating software and patching vulnerabilities on mobile phones, malware writers will continue to exploit iOS and Android OS at a pace greater than vulnerabilities can be resolved.

Mobile Malware Distribution Trends

Automated Repackaging. Malware writers will develop tools that enable the automatic repackaging of malicious applications. Lookout has seen instances where several infected apps were packaged by the same developer within a matter of seconds – quicker than someone could do manually – so the means for automated repackaging may already be in existence.

Browser Attacks. As with PC-based threats in the past, malware writers will attempt to profit via Web-based distribution like email, text messages and fraudulent websites. Even iOS devices have been targeted by websites designed to jailbreak them. In 2012, Lookout expects a continued increase in mobile phishing and messages linked to websites that automatically install malware.

Malvertising. Instances of malvertising (genuine-looking advertisements that link back to fraudulent sites) will continue to increase. Given this method has been successful with Trojans like GGTracker, we expect other malware writers to try similar distribution tactics.

For the in-depth predictions, data and accompanying graphics, please see Lookout’s Mobile Malware Predictions: http://blog.mylookout.com/blog/2011/12/12/2012-mobile-threat-predictions.

Most of the time, it's easy to dismiss this stuff as marketing hype, especially the individual reports from security companies; however, a head-in-the-sand approach is probably not a good idea. For every tech-savvy forum user we have, there are two regular consumers that can (and have) fallen for some of these tricks. It's important for us to take this seriously and help our less than knowledgeable friends and family members avoid some of these pitfalls.

Source: Engadget and BGR

 

[tjk629]

I wish there was some way to educate people on how to use the market. With smart phones becoming more and more popular to none tech people it's easy to take advantage of them.

 

[Byakushiki]

Simply put, there will always be blind sheep on either side of the mobile OS war that fall for stuff like this. Apple fans capitalize on these things just as much as we would if the same happened to them.

 

[redoregon]

Snake oil salesman predicts huge increase in healings due to snake oil

Yes, there certainly is a problem with malware, but I sure wish *independent* security outfits would do some reporting. Ever since anti-virus companies got busted writing virii and releasing them into the wild, I have serious problems taking any report coming from a company that stands to make money off the problem seriously.

 

[rowdyguy124]

The scary part is that even knowledgeable tech savvy users feel safe. And it's not the case. I'm sure that most iOS users will believe 100% that since they use an Apple product that they are immune to threats. With the large iPhone and iPad market penetration they are in for a big surprise.

 

[WildcatRudy]

Vulnerable Phones. Due to the difficulty of updating software and patching vulnerabilities on mobile phones, malware writers will continue to exploit iOS and Android OS at a pace greater than vulnerabilities can be resolved.

I'd love to post this on an iphone/ipad/ios forum; the fanboys always needle us because Android is "open". Malware writers love larger targets; why target thousands when you get a bigger payoff with hunndreds of thousands.


My #1 rule (and that of many of my colleagues) of I.T.: all computers are vulnerable, and never assume any are invincible. That's when the problems start. (And in this era, "computers" are now actually "devices" like smartphones which are computers on a small scale.)

Rule #2 of I.T. is that the real problem is sitting between the keyboard and the monitor.

 

[tjk629]

I'd love to post this on an iphone/ipad/ios forum; the fanboys always needle us because Android is "open". Malware writers love larger targets; why target thousands when you get a bigger payoff with hunndreds of thousands.


My #1 rule (and that of many of my colleagues) of I.T.: all computers are vulnerable, and never assume any are invincible. That's when the problems start. (And in this era, "computers" are now actually "devices" like smartphones which are computers on a small scale.)

Rule #2 of I.T. is that the real problem is sitting between the keyboard and the monitor.

Back before Android became a hit. The iPhone had its share of vulnerabilities.

 

[Chizzele]

I think that this is a good enough reason to make sure that any mobile payment solution offered to the public such as Google Wallet or ISIS is secure enough against these. I know that anything can be hacked but having your purchasing power on your phone is a good enough reason for a few extra layer of security.

 

[aaf709]

I had Lookout on my OG Droid. Every week I'd get an email telling me it caught stuff, but it wouldn't tell me what it caught. I wish I knew so I could prevent it from happening again.

 

[MissionImprobable]

The only thing that Bitdefender has found on the phone thus far has been non-market apps I've installed and are "potentially malicious." It has flagged a website or two, but nothing major as of yet. Of course the best thing is to always know where you navigate to and what you're downloading.