New Android Trojan Adds to the March Toward the 1 Million Mark for Malware This Year

[dgstorm]

When it comes to being safe against malware, most of us know to be careful with the "where, how, why and what" of downloading apps on our Android devices. Still, we would be remiss if we didn't share relevant news out there to help you guys stay informed about such things. Apparently malware on Android is at an all time high, and will likely hit the 1 million mark later this year. Also, there is a nasty new bug out there that is contributing to those numbers in a more insidious way. It's a trojan which attempts to spread itself through Bluetooth. Here are some quotes with some of the details,

A security researcher has found what he claims is the most sophisticated Android trojan yet, currently speading by SMS spam, which goes to great lengths to hide itself and tries to replicate on nearby Bluetooth-enabled devices.

Like other Android malware, the trojan is designed to earn its controllers money by forcing the infected device to send text messages to premium-rate numbers. But what's rare about Obad.a, according to Russian security vendor Kaspersky Lab, is that it exploits previously unknown vulnerabilities in Android to remain invisible.

The malware is not widespread and so far has relied on malware-laden SMS to spread, but it contains an impressive list of capabilities that puts it on par with the sophistication of Windows malware, according to Kaspersky Lab malware researcher Roman Unuchek.

"Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android Trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits," Unuchek notes in a blogpost. ~ ZDNet

The malware has even more unique and dastardly characteristics than just what is mentioned above so be sure to hit up the source link for more info. Here's a few important bullet-points to pay attention to regarding this rise of Android malware:

• Trend Micro detected 350,000 threats for Android, with a growth ratio of 14:3 for Android versus PC. In context, it took Android just three years to achieve the PC volume of malware threats within 14 years. By the end of this year, the volume of Android malware could reach as high as the 1 million mark.
• The number of Android malware detections spiked in the third quarter from 41,000 to 156,000 samples, according to the firm's research. 38 percent was adware, 25 percent stole data, while 22 percent included a malicious downloader. Leading the threat type, however, was a premium service abuser at more than 40 percent.
• Java-based threats helped lead Apple's OS X platform into the crosshairs of malware writers, hackers, and botnet controllers after the first widespread attack against the Mac.
• Social-media platforms became a greater target for cybercriminals as the security firm warns users to avoid "oversharing" on Facebook, Twitter, Google+, and so on.
• Enterprises suffered from an "alarming rate" of data breaches and targeted attacks, the firm said. The widely reported Global Payments breach cost more than $94 million and is "still climbing," to give one example. Meanwhile, targeted attacks--such as allegedly government-backed attacks and other "children of Stuxnet"--are being used to attack high-value targets, notably with the discovery of Flame, Duqu, and Gauss, which derived from the "original" Stuxnet worm.
• Rather than using existing attacks, attackers used more professional software-development practices, the company said, by using Blackhole Exploit Kit (BHEK), Automatic Transfer Systems (ATS), and "improved" ransomware.

Source: ZDNet

Although Android is far safer than many other platforms for those who are smart about their devices, it's still important to stay informed. The bad guys are always evolving, so we can't ever get too complacent.

Thanks for the tip, leeshor!