Android under Siege: Malware targeting Android users increased nearly six-fold during the three months ending September. Cybercriminals bank on popularity for infection.
TAIPEI, Taiwan, October 25, 2012 - High-risk, malicious Android applications jumped from nearly 30,000 in June to almost 175,000 in September, according to the security roundup report for the third quarter of 2012 released today by global cloud security leader Trend Micro Incorporated ( TYO: 4704 ; TSE: 4704 ).
The continued rise of malicious Android apps could result in numerous infected devices in Asia, considering there are about 3.1 billion mobile subscribers in the region. Millennial Media predicts that the "Asia-Pacific region will see the largest growth of smartphone users, due in part to the area’s large populations, with Indonesia and India experiencing the greatest smartphone user growth in 2016.”
While some apps are clearly criminal – such as those that secretly purchase premium smartphone services – others are more of a privacy threat. These include "Aggressive Adware” apps that collect more personal information than the user has authorized.
Though most adware are designed to collect user information, a fine line exists between collecting data for simple advertising use and violating one’s privacy. Because adware normally collect user information for legitimate purposes, they can effectively gather more data than some would want to give out.
"The popularity of the Android operating system means that cybercriminals will want to target this particular platform,” says Myla Pilao, Director of Marketing Communications at TrendLabs. "As we’ve seen countless times, cybercriminals bank on what’s popular to execute their malicious activities.”
Exploiting popularity does not end with mobile. Cybercriminals used well-known programs such as Java and Internet Explorer to deliver zero-day exploits, resulting in infected systems. Cybercriminals are also attuned to popular online activities. ZeroAccess malware, the top infector of the quarter, is often bundled with pirated copies of popular movie titles which can be downloaded via peer-to-peer (P2P) file sharing sites. Asia-Pacific was found to be the second most affected region by these malware, followed by Japan.
"There is a price for popularity for online users,” said Pilao. "For instance, favorite sites such as PayPal, eBay, and Battle.net were among the top phished sites of the quarter. This proves that cybercriminal activity relies heavily on common user activity. You can expect that wherever online users go, cybercriminals are sure to follow.”
Additional information can be found in "TrendLabs 3Q 2012 Roundup: Android Under Seige: Popularity Comes at a Price" which includes other highlights such as:
ZeroAccess malware were the top infector in the computing public this quarter. The old DOWNAD/ Conficker worm came a close second. It remains prominent in India, Indonesia, and the Philippines where people still frequent Internet cafes.
South Korea overtook Japan as the top country in terms of number of malware-hosting sites in APAC and Japan combined. South Korea also hosts the 2nd top malicious domain blocked in the world. Japan, South Korea, Taiwan, India and Australia are among the top 10 countries in the world that most clicked on malicious websites.
Corporations and governments were still viable APT targets. Lurid and Nitro APT campaign improvements were also noted. Japan and APEJ regions were still the most targeted, based on our monitoring of possible targeted attacks on our customer environment.
PayPal attracted the most phishermen while Linkedin topped the list of chosen Blackhole Exploit Kit targets.
See that spam? It likely arrived via Saudi Arabia (or India).
Social media threats and privacy concerns lived on.
About Trend Micro
Trend Micro Incorporated (TYO: 4704; TSE: 4704), the global cloud security leader, creates a world safe for exchanging digital information with its Internet content security and threat management solutions for businesses and consumers. A pioneer in server security with over 20 years’ experience, we deliver top-ranked client, server and cloud-based security that fits our customers’ and partners’ needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the industry-leading Trend Micro™ Smart Protection Network™ cloud computing security infrastructure, our products and services stop threats where they emerge – from the Internet. They are supported by 1,000+ threat intelligence experts around the globe.
Additional information about Trend Micro Incorporated and the products and services are available at Trend Micro.com. This Trend Micro news release and other announcements are available at http://newsroom.trendmicro.com/ and as part of an RSS feed at www.trendmicro.com/rss. Or follow our news on Twitter at @TrendMicro.