Google Pulls Malware From Android Market; Also, $1M Stolen This Year Due to Malware

dgstorm

Editor in Chief
Staff member
Jan 5, 2011
2,205
130
Sick_Android.jpg

In two separate reports there has been some notable movement in the issue of Android malware. The first report indicates that Google has recently pulled some malware from the Android Market, called RuFraud, that was an SMS hole exploit. "Android.RuFraud poses as popular games like Angry Birds, Assassins Creed or Tetris and can affect users across Europe and Russia." It has primarily affected European markets, but shows a disturbing trend that is expected to get worse in 2012. The exploit basically tricked users into sending SMS messages to premium-rate phone lines.

The second report comes directly from the security company, Lookout Security, and also indicates that malware is on the rise and will continue to worsen in 2012. Their report shared that more than $1 Million has been stolen over 2011 because of malware fraud on Android devices. Here is their full press release:

Lookout Unveils 2012 Mobile Threat Predictions: Mobile Pickpocketing, Botnets and Automated Repacking Will Be On the Rise

More than $1 Million Stolen from Android Users in 2011; Likelihood of Annual Malware Infection Rises to 4%

San Francisco – December 14, 2011 – Lookout Mobile Security, the global leader in mobile security, today unveiled its 2012 Mobile Malware Predictions, based on data collected from its Mobile Threat Network, which includes more than one million apps and 15 million user devices worldwide. Mobile threats are on the rise – Lookout estimates that mobile threats successfully stole more than one million dollars from Android users in 2011. In 2012, Lookout predicts that the criminal business of malware will be more profitable than ever before as the possibility of monetizing mobile devices grows and the cost of infecting devices lessens.

In the report, Lookout reveals that the annual likelihood of an Android user encountering malware today has increased to 4% up from a 1% likelihood measured at the beginning of 2011. Web-based mobile threats are also an important component of Lookout’s research, and the company found Android users worldwide have a 36% chance of clicking on an unsafe link in 2011. In the United States, the likelihood of encountering an unsafe link is higher than the global average at 40%. Additionally in the report, Lookout anticipates the methods that would-be thieves will use to target mobile users directly and discusses tips for consumers to protect themselves.

“2011 was a watershed year in terms of the types threats we saw emerging. Threats had greater sophistication and were deployed using more innovative and efficient distribution methods,” said Kevin Mahaffey, co-founder and chief technology officer at Lookout. “In 2012, we expect to see the mobile malware business turn profitable. What took 15 years on the PC platform has only taken the mobile ecosystem two years.”

Mobile Malware Monetization Trends

Mobile Pickpocketing (SMS/call fraud). In 2012, Malware writers will continue to steal money directly from consumers by accessing their mobile devices’ ability to charge phone bills via SMS billing and phone calls. Earlier this year, Lookout identified GGTracker, the first mobile malware that steals money from users in the U.S and earlier this week Lookout identified another Android Trojan, RuFraud, targeting Eastern European users.

Botnets. To date, Lookout notes botnet networks have yet to be used at scale. In 2012, Lookout anticipates malware writers could secretly integrate thousands of mobile devices into extensive botnet-like networks to distribute spam, steal private info, and install other malware. DroidDream and Geimini are examples of botnets.

Vulnerable Phones. Due to the difficulty of updating software and patching vulnerabilities on mobile phones, malware writers will continue to exploit iOS and Android OS at a pace greater than vulnerabilities can be resolved.

Mobile Malware Distribution Trends

Automated Repackaging. Malware writers will develop tools that enable the automatic repackaging of malicious applications. Lookout has seen instances where several infected apps were packaged by the same developer within a matter of seconds – quicker than someone could do manually – so the means for automated repackaging may already be in existence.

Browser Attacks. As with PC-based threats in the past, malware writers will attempt to profit via Web-based distribution like email, text messages and fraudulent websites. Even iOS devices have been targeted by websites designed to jailbreak them. In 2012, Lookout expects a continued increase in mobile phishing and messages linked to websites that automatically install malware.

Malvertising. Instances of malvertising (genuine-looking advertisements that link back to fraudulent sites) will continue to increase. Given this method has been successful with Trojans like GGTracker, we expect other malware writers to try similar distribution tactics.

For the in-depth predictions, data and accompanying graphics, please see Lookout’s Mobile Malware Predictions: http://blog.mylookout.com/blog/2011/12/12/2012-mobile-threat-predictions.
Most of the time, it's easy to dismiss this stuff as marketing hype, especially the individual reports from security companies; however, a head-in-the-sand approach is probably not a good idea. For every tech-savvy forum user we have, there are two regular consumers that can (and have) fallen for some of these tricks. It's important for us to take this seriously and help our less than knowledgeable friends and family members avoid some of these pitfalls.

Source: Engadget and BGR
 

Pamster

Senior Member
Nov 14, 2011
393
35
Thanks for posting this dgstorm, I am glad google is working to fight malware. I think some people assume that because it's android that it is okay. Like android is invulnerable to viruses or malware somehow. Not the case though as this press release shows.
 

Ambrose1

Member
May 16, 2012
5
0
Hi Friends !!! In two separate reports there has been some notable movement in the issue
of Android malware. The first report indicates that Google has recently pulled some malware from
the Android Market, called RuFraud, that was an SMS hole exploit.
the company found Android users worldwide
have a 36% chance of clicking on an unsafe link in 2011. In the United States


 
Top