The second quarter was notable for Google Android security—but not in a good way, according to the findings of a new study.
Android-based malware threats rose 35 percent—a growth rate not seen since early 2012, according to a report from McAfee Labs. The continued proliferation of SMS-stealing banking malware, fraudulent dating and entertainment apps, weaponized legitimate apps and malicious apps posing as useful tools contributed to the record increase in threats.
The second quarter also saw a 16 percent increase in suspicious URLs, a 50 percent increase in digitally signed malware samples, and notable events in the cyber-attack and espionage areas, including multiple attacks on the global infrastructure for bitcoins—digital currency based on an open-source cryptographic protocol—and revelations around the Operation Troy network targeting U.S. and South Korean military assets.
“The mobile cyber-crime landscape is becoming more defined as cyber-gangs determine which tactics are most effective and profitable,” Vincent Weafer, senior vice president of McAfee Labs, said in a statement. “As in other mature areas of cyber-crime, the profit motive of hacking bank accounts has eclipsed the technical challenges of bypassing digital trust. Tactics such as the dating and entertainment app scams benefit from the lack of attention paid to such schemes; while others simply target the mobile paradigm’s most popular currency: personal user information.”
McAfee Labs registered twice as many new ransomware samples in the second quarter as in the first quarter, raising the 2013 ransomware count higher than the total found in all previous periods combined.
The number of new samples of ransomware—which restricts access to infected computer systems so that attackers can extort payments in exchange for restoring access—in the second quarter was greater than 320,000, more than twice as many as the previous period, suggesting the profitability of the tactic.
Cyber-criminals are also using apps posing as helpful tools, such as app installers that actually install spyware that collects and forwards valuable personal data. Meanwhile, global spam volume continued to surge through the second quarter with more than 5.5 trillion spam messages. This represented approximately 70 percent of global email volume.
The report also revealed a surge in dating and entertainment apps that dupe users into signing up for paid services that do not exist. The profits from the purchases are later supplemented by the ongoing theft and sale of user information and personal data stored on the devices, the study explained.
Beyond mobile threats, the second quarter revealed the continued adaptability of attackers in adjusting tactics to opportunities, challenges to infrastructure upon which commerce relies, and a creative combination of disruption, distraction and destruction to veil advanced targeted attacks. These include digitally signed malware (malware signed with legitimate certificates), which increased 50 percent, to 1.2 million new samples.
“The sudden activity in the Bitcoin market over the course of the past quarter attracted interest from cyber-criminals,” the report noted. “In addition to disruptive distributed denial-of-service attacks (DDoS), the group infected victims with malware that uses computer resources to mine and steal the virtual currency.”
The bitcoin warning comes as a security vulnerability within the Android operating system had exposed bitcoin users to theft through several digital wallet applications. The security flaw is just the latest highlight of the weaknesses inherent in the highly fragmented distribution of the Android platform.