Published August 21, 2013
Malware on Google’s (GOOG) Android grew 35% in the second quarter, the fastest pace since early 2012, as hackers infiltrated systems using malicious apps and SMS stealing and tweaked tactics to maximize profits, according to Intel’s (INTC) McAfee.
The security division’s research arm, which unveiled its second-quarter threats report on Wednesday, also registered an alarming increase in mobile ransomware samples in the second quarter and said spam continued to accelerate, with more than 5.5 trillion spam messages being sent representing roughly 70% of total global email volume.
“The mobile cybercrime landscape is becoming more defined as cybergangs determine which tactics are most effective and profitable,” said Vincent Weafer, senior vice president of McAfee Labs. “As in other mature areas of cybercrime, the profit motive of hacking bank accounts has eclipsed the technical challenges of bypassing digital trust.”
Among the primary methods used by thieves through Android devices were SMS-stealing banking malware, fraudulent dating and entertainment apps, legitimate apps laced with malicious weaponry and malicious apps posing as useful tools.
The banking scheme takes advantage of commercial banks’ two-factor authentication, capturing the traditional usernames and passwords then intercepting the SMS that contains a log-in code so that hackers gain direct access to accounts.
Fraudulent dating and entertainment apps dupe users into signing up for non-existent services. Hackers augment profits by selling user information and other personal data stored on devices.
Outside of mobile threats, the second quarter recorded a 16% increase in suspicious URLs, a 50% increase in digitally-signed malware samples and notable events in the cyber-attack and espionage areas.
The report comes amid ongoing attacks on the digital currency Bitcoin and Operation Troy’s targeting of U.S. and South Korean military assets, McAfee said, as well as a resurgence of reported denial of service attacks against major U.S. banks as well as an onslaught of attacks that have downed the sites of several mainstream media outlets, including Washington Post and CNN.
The increased pace of infiltration is a reflection of hackers adapting their tactics to stay ahead of evolving security mechanisms and tweaking schemes to drive the greatest profit.
Part of that includes using more ransomware, a type of extortion where malware restricts access to the system it infects and demands ransom paid to the creator. The number of new samples of ransomware exceeded 320,000 last quarter, more than twice as many in the previous period.
It’s a “creative combination of disruption, distraction and destruction to veil advanced targeted attacks,” McAfee said in the report.