Kaspersky Lab Reports Mobile Malware in 2013 More Than Doubles from Previous Year
Woburn, MA –
February 24, 2014 -Kaspersky Lab today published the
results of its analysis
of the mobile threat landscape in 2013. The report found that the mobile
malware sector continues to grow at a significant pace both technologically and
structurally, and a majority of the mobile malware created in 2013 was focused
on extracting financial profits.
Nearly 100,000 new malicious programs for
mobile devices were detected in 2013, which is more
than double the 2012 figure of 40,059 samples.
As of January 1, 2014, Kaspersky Lab has collected 143,211 mobile malware samples.
98.1 percent of all mobile malware
detected in 2013 targeted Android devices.
Approximately 4 million malicious
applications were used by cybercriminals to distribute mobile malware for
Android-based devices. A total of 10
million malicious Android apps were detected in
The top five countries with the highest number
of unique attacked users: Russia (40%), India (8%), Vietnam (4%), Ukraine (4%)
and the United Kingdom (3%).
The report also found that majority of
mobile malware in 2013 was used to gain access to consumer’s money. The number
of mobile malware modifications designed for phishing, stealing bank card
information and money from bank accounts, increased by a factor of almost 20.
There were also 2,500 attempted infections by banking Trojans were blocked.
In addition, Kaspersky Lab saw a
shift in the use of banking Trojans, which are considered one of the most
dangerous types of mobile malware for consumers. Many banking
Trojans detected in 2013 were geared more
towards stealing money from bank accounts rather than from a victim’s mobile
account. At the beginning of the year there were 64 known banking Trojans;
however, by the end of the year, Kaspersky Lab’s collection contained 1,321
unique samples. Vulnerabilities in the Android OS architecture
and its growing popularity were also important factors behind the increase in Android
Quotes: Victor Chebyshev, Virus Analyst
Kaspersky Lab “Today,
the majority of banking Trojan attacks target users in Russia and the CIS.
However, that is unlikely to last for long: given cybercriminals’ keen interest
in consumer bank accounts, the activity of mobile banking Trojans is expected
to grow in other countries in 2014. We already know of Perkel, an Android Trojan that attacks
clients of several European banks, as well as the Korean malicious program
increasingly sophisticated route to your money
Criminals are increasingly using obfuscation, the
deliberate act of creating complex code to make it difficult to analyze. The more
complex the obfuscation, the longer it will take an antivirus solution to
neutralize the malicious code and the more money the fraudsters can steal.
Methods used to infect a mobile device
include compromising legitimate sites and distributing malware via alternative
app stores and bots (the bots usually self-proliferate by sending out text
messages with a malicious link to addresses in the victim’s address book).
Android vulnerabilitiesare used by criminals to enhance the
rights of malicious applications, which considerably extend their capabilities
and make it more difficult to remove malicious programs. To bypass the code
integrity check when installing an application, the Master Key vulnerability is
used. The fact that it is only possible to get rid of Android vulnerabilities
by receiving an update from the device manufacturer merely complicates the
situation further. If a smartphone or tablet was released more than a year ago,
it is probably no longer supported by the manufacturer and patching of
vulnerabilities is no longer provided. In that case, the only help comes from
an antivirus solution.
Kaspersky Lab Kaspersky Lab
is the world’s largest privately held vendor of endpoint protection solutions.
The company is ranked among the world’s top four vendors of security solutions
for endpoint users*. Throughout its more than 16-year history Kaspersky Lab has
remained an innovator in IT security and provides effective digital security
solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its
holding company registered in the United Kingdom, currently operates in almost
200 countries and territories across the globe, providing protection for over
300 million users worldwide. Learn more at www.kaspersky.com.
For the latest in-depth information on security
threat issues and trends, please visit:
* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by
Vendor, 2012. The rating was published in the IDC
report "Worldwide Endpoint Security 2013–2017 Forecast and 2012 Vendor
Shares (IDC #242618, August 2013).
The report ranked software vendors according to earnings from sales of endpoint
security solutions in 2012.
number of attacks prevented by Kaspersky Lab mobile products in 2013