On the heels of recent reports noting the increase in attacks against mobile devices, Panda Security’s latest quarterly malware report found smartphone malware dominated the security landscape during the first quarter of 2011.
There was virus activity in the first quarter of 2011 than there was in the last quarter of 2010, Panda Security’s anti-malware laboratory, reported April 5. The report, which analyzed IT security events from Jan. 1 to March 31, highlighted several major security incidents, including the malicious apps that were found on the Android Market and the successful attack against HBGary Federal by the Anonymous hacktivist group.
A number of security advisories and proof-of-concepts reporting mobile vulnerabilities emphasized the need to focus on mobile security. Cyber-criminals have renewed focus on proven strategies such as infecting smartphones with malware that generates premium-rate text messages. Users are unaware of these messages being sent until they receive their monthly bills. For example, a Russian gang distributed an app that let users send romantic images for Valentine’s Day. When a user tried to send a picture message, a SMS was sent instead to a premium rate number.
Malware developers are taking advantage of the fact that the Android platform allows users to install applications from anywhere, even though it is recommended that users stick with the official app store. Even if they can, users should refrain from downloading apps, wallpapers and games from unofficial and questionable sources.
The report highlighted the malicious applications that were discovered on Google’s Android Market in the beginning of March as “the largest single attack against Android cell phones.” The malicious applications on Android Market were downloaded over 50,000 times over just four days. The apps installed a Trojan which stole personal data and downloaded and installed other apps. Even though the users were hit despite using the official store, it was quickly remediated as Google removed the malicious apps and several days later remotely uninstalled them from user devices.
A mobile of Zeus Trojan also made the rounds this quarter, which was designed to bypass the double authentication system implemented by many banks and financial institutions. Users were prompted by the Trojan to enter a phone number to which the “security certificate” should be sent to. When users downloaded the certificate, it had the capability to intercept all SMS messages sent to the phone, such as password codes and security hints used to secure bank accounts.
The increase in smartphone malware could be driven by the fact that smartphones exceeded PC sales in fourth quarter of 2010, the researchers speculated.
The surge in malware activity in the first three months of 2011 was driven mainly by new threats in circulation, PandaLabs researchers found. Cyber-attackers created 26 percent more new threats in this quarter than they did during the first quarter of 2010, and 16 percent more than the fourth quarter of 2010. The laboratory received an average of 73,190 new samples of malware everyday, of which 70 percent were Trojans.
Another major trend, cyber-activism, was driven by the political events that rocked parts of the Middle East and North Africa in January and February. Governments, including Egypt and Libya, imposed curfews and shutdowns to restrict people’s access to the Internet. Several people have also been arrested in Europe for taking part in distributed-denial-of-service attacks as part of the Anonymous hacktivist group in support of the whistle-blowing site Anonymous.
The group was behind attacks on non-Wikileaks targets, such as Egypt and other North African countries.
Scammers took advantage of the unrest to send out spam that was tailored to feed into people’s interest in getting news from that part of the world.