2021 mobile malware evolution: Fewer attacks, escalating dangers – TechRepublic

Register for your free TechRepublic membership or if you are already a member, sign in using your preferred method below.
We recently updated our Terms and Conditions for TechRepublic Premium. By clicking continue, you agree to these updated terms.
Invalid email/username and password combination supplied.
An email has been sent to you with instructions on how to reset your password.
By registering, you agree to the Terms of Use and acknowledge the data practices outlined in the Privacy Policy.
You will also receive a complimentary subscription to TechRepublic’s News and Special Offers newsletter and the Top Story of the Day newsletter. You may unsubscribe from these newsletters at any time.
Username must be unique. Password must be a minimum of 6 characters and have any 3 of the 4 items: a number (0 through 9), a special character (such as !, $, #, %), an uppercase character (A through Z) or a lowercase (a through z) character (no spaces).
2021 mobile malware evolution: Fewer attacks, escalating dangers
Your email has been sent
2021 saw a decrease in mobile malware attacks, yet they have become increasingly sophisticated. Learn more about these threats and how to avoid being a victim.
Recent events like the discovery of the Pegasus spyware have brought attention to the mobile malware threat, but it has been there for many years already. To get a picture of its status, Kaspersky just released a new report about the mobile malware threat evolution.
Nearly 3,5 million malicious installation packages have been detected by its products in 2021, which is about the same number as in 2019 but 2.2 million less than 2020 (Figure A).
Figure A 
The number of attacks detected decreased steadily in 2021 from 5.5 million in January 2021 to 2.2 million in December 2021. Yet the attacks on mobile have gotten more sophisticated in terms of both malware functionality and vectors, according to Kaspersky.
The top three countries by share of users attacked by mobile malware are Iran, China and Saudi Arabia. Those results are largely a result of specific infections: adware (AdWare.AndroidOS.Notifyer affecting Iran and AdWare.AndroidOS.HiddenAd targeting Saudi Arabia) and PUA (potentially unwanted applications) RiskTool.AndroidOS.Wapron largely targeting China.
Those are not surprising results, since adware and PUA tend to use business models that facilitate spreading at wide scale on as many devices as possible — with adware representing as much as 42% of all detected mobile malware and PUA representing 35% of all detections (Figure B).
Figure B 
The third most detected category is Trojan malware, which represents only 8.86% of the detections but is considered far more dangerous than the two first categories. It is also worth noting that Trojan detections almost doubled between 2020 and 2021.
SEE: What are mobile VPN apps and why you should be using them (TechRepublic Premium)
Banking Trojan is a severe threat to mobile devices. It has different capabilities, which generally include stealing credit card information as it’s typed on the mobile device and gaining access to banking accounts.
To infect mobile devices, banking Trojans are generally disguised as legitimate applications, luring users into installing the software. The most effective banking Trojans can impersonate several different banking applications interfaces in addition to other applications, like payment and cryptocurrency handling applications.
Once a banking Trojan is launched on a mobile device, it generally starts displaying its own interface over the legitimate banking app from the user, stealing information that includes the user’s credentials. Banking Trojan malware on mobile devices also can deal with SMS 2-factor authentication (2FA).
The top 10 banking Trojan detections reported by Kaspersky are all Android applications. It has mostly targeted Japan and Spain, followed by Turkey, France and Australia.
Kaspersky’s report reveals a decrease in the number of attacks in 2021 for the banking Trojan category (Figure C).
Figure C 
The top 10 ransomware threats detected were all Android operating system-based. In 2021, the number of detections mostly remained at the same level, with a slight decrease in the last months of the year (Figure D).
Figure D 
The most widely spread malware in this category was Trojan-Ransom.AndroidOS.Pigetrl.a, which locks the devices and asks for a code but provides no instruction on how to get it — it is embedded in the body of the malware.
The second one is named Trojan-Ransom.AndroidOS.Rkor, and it asks the user to pay a fine for viewing prohibited content.
As for the geographical location of the detections, most are from Kazakhstan, Yemen, Kyrgyzstan and Sweden.
New infection methods are growing, such as malicious code injection in legitimate applications through ads software development kits (SDKs) and more complex hiding in application stores.
New functionalities have also appeared. The Fakecalls banking Trojan, dedicated to targeting Korean users, drops outgoing calls to the target’s real banking company and plays prerecorded operator responses. The Vultur backdoor uses virtual network computing (VNC) to record the victim’s screen when they launch an application of interest to the attackers, allowing the monitoring of onscreen events.
SEE: 9 key security threats that organizations will face in 2022 (TechRepublic)
Disclosure: I work for Trend Micro, but the views expressed in this article are mine.
Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.
2021 mobile malware evolution: Fewer attacks, escalating dangers
Your email has been sent
Your message has been sent
Google Tasks has never had a solid interface … until now. Jack Wallen shows you how to turn Tasks into a kanban board-like workflow with the help of TasksBoard.
Don’t pack your bags and move to Bozeman yet. This micro-scale warp bubble won’t be capable of propulsion, but it could have myriad other applications, says its discoverer Dr. Sonny White.
Based on job demand, Python is the top language, followed by Java, JavaScript, C++, C# and C, says CodingNomads.
If you’re not certain whether your Java project is free from Log4j vulnerabilities, you should try this easy-to-use scanning tool immediately.
If you missed in-person tech events in 2020 and 2021, here’s some good news: It’s looking promising that in 2022 many conferences will get back to (almost) normal.
The comprehensive bundle covers a range of subjects, including app development, game development, machine learning, computer vision, deep learning, NFTs, Java and website building.
When computer systems fail, business grinds to a halt, and that can cost your enterprise a considerable amount of money. With the help of TechRepublic Premium’s Systems Downtime Expense Calculator, you can estimate just how much each system failure is going to cost you. When to use this tool Even if the entire business does …
Results from the latest TechRepublic Premium survey suggest that businesses continue to deploy multicloud solutions, but the IT pros who support them are uncertain how they’ll change in the future. From the introduction: Heading into the third year of the COVID-19 global pandemic, industries, businesses, consumers and the information technology professionals who support them are …
This TechRepublic Premium download includes a checklist for PC and Mac migrations to minimize frustrations and improve productivity. Regardless of the process, there are several elements to track when replacing an existing computer with a new system. Whether your organization begins by imaging drives or manually configures new systems, many questions must be addressed, including: …
The Microsoft 365 Services Usage Policy from TechRepublic Premium defines the practices and behaviors that organization representatives must follow when using any organization-provided Microsoft 365-powered application, site or service. Whether organization representatives access Exchange-hosted email, applications, SharePoint portals, Teams sites or OneDrive cloud file storage using an organization-provided, organization-reimbursed or even personal Microsoft 365 services …

source

Share:

More Posts

Market Research

Pulse Surveys

Turn feedback into action

Our survey platform makes it easy to measure and understand feedback so you can drive growth and innovation

Pulse Handshak

Pulse Handshak

Collaborative online survey tool for the market research industry. Remote assisted surveying just like face-to-face interviews. Here interviewers can talk to the respondent over the web-console without the need for any other communication channel and share the same Q're with responses and click actions.

Pulse FE

Pulse FE

Pulse Field Expert or Pulse FE is the main platform for both offline and online survey at softofficepro.com. It is robust and used by hundreds of clients over tens of years with millions of responses. Do it once Q're and deploy on both offline devices (android) and online forms makes it a great cost effective platform for any kind of responses

Pulse Ultimate

Pulse Ultimate

Pulse Ultimate is targeted for tracking studies and retail audits. An offline survey system offering extreme field control including processes like data quality check, back-check, rework, comparison with previous wave data etc. helps to get the best results on a day-to-day basis

Pulse LS

Pulse LS

Use a managed Limesurvey and our expertise for creating complex forms and token based user management. Use optional mailing system to send survey invitation to each participant and track progress of the response status. Industry standard SPSS / R output supported