跳到主体内容

The Volume of New Mobile Malware Tripled in 2015

2016年2月24日

The volume of malware targeting users of mobile devices grew more than three times in 2015, compared to 2014

The volume of malware targeting users of mobile devices grew more than three times in 2015, compared to 2014. The most dangerous threats in 2015 were ransomware, malware capable of obtaining unlimited rights on an infected device, and data stealers, including financial malware. These are main findings of the annual Mobile Virusology report prepared by the Kaspersky Lab Antimalware Research group. 

The 2015 mobile threat landscape in numbers:

  • 884,774 new malicious programs were detected by Kaspersky Lab, a three-fold increase on 2014 (295, 539).
  • The number of new mobile banking Trojans decreased to 7,030 from 16, 586 in 2014.   
  • 94,344 unique users were attacked by mobile ransomware, a five-fold increase on 2014 (18, 478).

Ransomware is on the rise

2015 was the year of ransomware. Once a device is infected with this type of malware, the malicious app blocks the device with a pop-up window carrying a message that the user has committed illegal actions. In order to unlock the device the user has to pay a ransom ranging between $12 and $100. 

The number of users of Kaspersky Lab mobile products attacked by ransomware increased from 1.1% to 3.8% between 2014 and 2015. Attacks were registered in 156 counties, with Russia, Germany and Kazakhstan the most hit. The Trojan-Ransom.AndroidOS.Small malware and its modification, Trojan-Ransom.AndroidOS.Small.o were the most active in Russia and Kazakhstan. The Small.o was the most widespread of all mobile ransomware detected by Kaspersky Lab last year.

The number of ransomware app modifications has increased by 3.5 times, proof that fraudsters are seeing ever more advantage in earning money from users via blackmail. 2016 is likely to see an increase in the complexity of the malware and its modifications, with more geographies targeted.

Malware with super-user access rights - another threatening development

Nearly half of the top 20 Trojans in 2015 were malicious programs displaying intrusive advertising on mobile devices. The most widespread last year were the Fadeb, Leech, Rootnik, Gorpro and Ztorg Trojans. Fraudsters used every available method to propagate these Trojans, through malicious web-banners, fake games and other legitimate apps published in official applications stores. In some cases they were positioned as legitimate software preinstalled by the device vendor.

Some of these apps have the ability to gain super-user access rights or root access. Such rights give attackers an almost unlimited ability to modify information stored on an attacked device. If the installation is successful the malware becomes almost impossible to delete, even after a reboot to factory settings. Mobile malware with the ability to gain root access has been known about since 2011, and last year it was extremely popular among cyber-criminals. This is likely to continue in 2016.

Take care of your money - mobile banking malware

Banking Trojans are becoming more and more complex, despite a decrease in the number of modifications. The mechanics of these malicious apps is the same as before: after getting into a clients' system/device, the malware overlays a bank’s legitimate pages or online payment apps with fake ones. However, the scale on which such malware could be utilized grew significantly in 2015. Now cyber-criminals can attack clients of dozens of banks located in different countries using only one type of malware, while previously they would have used malicious apps that could only attack one or two financial services organizations in just a few countries. An example of a malicious application with multiple targets is the Acecard Trojan, which has tools for attacks against users of several dozen banks and web-services.

“As mobile devices become more and more functional, cybercriminals have become more and more sophisticated at attacks that attempt to steal money from users. Last year was the year of banking Trojans and ransomware. Adware was widely used to infect devices with more sophisticated malicious programs. We also witnessed growing interest in malware that can gain super-user access on users’ devices. To stay safe do not neglect reliable mobile anti-virus solutions. Bear in mind that prevention of the threat is better than suffering losses after the infection,” – advises Roman Unuchek Senior Malware Analyst at Kaspersky Lab USA.

To learn more about mobile malware evolution in 2015, read the blog post available at Securelist.com.



The Volume of New Mobile Malware Tripled in 2015

The volume of malware targeting users of mobile devices grew more than three times in 2015, compared to 2014
Kaspersky logo

关于卡巴斯基

卡巴斯基是一家成立于1997年的全球网络安全和数字隐私公司。卡巴斯基不断将深度威胁情报和安全技术转化成创新的安全解决方案和服务,为全球的企业、关键基础设施、政府和消费者提供安全保护。公司提供全面的安全产品组合,包括领先的端点保护解决方案以及多种针对性的安全解决方案和服务,以及用于应对复杂和不断变化的数字威胁的网络免疫解决方案。全球有超过4亿用户使用卡巴斯基技术保护自己,我们还帮助全球200,000家企业客户保护最重要的东西。要了解更多详情,请访问www.kaspersky.com.cn.

相关文章 企业新闻