The Inquirer-Home

Android is target for 98 percent of all mobile malware

Kaspersky Lab also finds first Tor Android Trojan
Wed Feb 26 2014, 15:33
An Android logo

KASPERSKY LAB has reported that mobile malware shot up last year, and has already evolved more variants in 2014.

A report from the security firm said there's been an "evolution" in mobile malware over the last 12 months, and reckoned that a lot of it is targeted at banking information and Android.

"Android remains a prime target for malicious attacks," Kaspersky Lab said. "98.05 percent of all malware detected in 2013 targeted this platform, confirming both the popularity of this mobile OS and the vulnerability of its architecture."

"Most mobile malware is designed to steal users' money, including SMS Trojans, and lots of backdoors and Trojans."

The firm said that the number of new malicious programs in 2013 doubled to over 100,000. Today as it stands Kaspersky has collected 143,211 mobile malware samples.

The bulk of attacks, 40 percent, target people in Russia. The UK ranks fifth, with three percent of victims. Germany, which lurks just below the UK, is apparently rather susceptible to a premium charge SMS takeover attack. Things are likely to get worse, Kaspersky warned.

"Today, the majority of banking Trojan attacks target users in Russia. However, that is unlikely to last for long: given cybercriminals' keen interest in consumer bank accounts, the activity of mobile banking Trojans is expected to grow in other countries in 2014," said Kaspersky virus analyst Victor Chebyshev. "We already know of Perkel, an Android Trojan that attacks clients of several European banks, as well as the Korean malicious program Wroba."

Wroba is described as being "very aggressive" and capable of grabbing logins and passwords through its habit of deleting and replacing banking apps with its own alternatives.

In a separate post Kaspersky's Roman Unuchek added that an Android Trojan had been found, and explained that it was using the TOR anonymising network to hide its tracks.

Unuchek said that the Trojan named Backdoor.AndroidOS.Torec.a is a variation of the Tor client Orbot. "The Trojan uses the anonymous Tor network built on a network of proxy servers. As well as providing users with anonymity," he added. µ


Share this:

blog comments powered by Disqus
Subscribe to INQ newsletters

Sign up for INQbot – a weekly roundup of the best from the INQ

Existing User
Please fill in the field below to receive your profile link.
Sign-up for the INQBot weekly newsletter
Click here
INQ Poll

Microsoft Windows 10 poll

Which feature of Windows 10 are you most excited about?