Almost 1 in 10 Android apps are now malware
Cheetah Mobile Threat Research Labs analyzed trends in mobile viruses for Q1 and Q2 of 2014. Pulling 24.4 million sample files they found that 2.2 million files had viruses, roughly 9% of the total. Compared to previous years, this is a 153% increase from the number of infected files in 2013.
Major trends in mobile security over the past six months include:
1. The number of Android viruses continues to rise: Of the 24.4 million sample files pulled, 2.2 million files had viruses, roughly 9% of the total. Compared to previous years, this is a 153% increase from the number of infected files in 2013.
2. Payment-based viruses are becoming more prevalent: Payment viruses accounted for 68% of the above mentioned viruses, while consumption viruses occupy a distance second place at 16%. These two types of viruses mainly result in financial losses for the user.
3. Asia ranks highest for infection rates, followed by in France and Russia: Asia and select parts of Western Europe have undoubtedly had the highest rates of infection during the past six months. This is due in part to the prevalence of third party app stores in these regions, which have very lax checks to ensure that applications do not contain viruses. These 3rd party markets are the main source vector for virus transmission. According to Cheetah Mobile’s analysis, viruses coming from 3rd party markets account for 99.86% of infections – 713 times more compared to Google play at 0.14%.
4. Android operating systems matter: The report also found that infection rates differ among the various Android systems. Android systems 4.1 and 4.2 have experienced the largest proportion of infections, but this is likely due to these versions having a large number of users compared to other versions. In total, 65.4% of infections are on these two versions. Android system versions 4.3 and 4.4 are more secure, but they still contain vulnerabilities.
5. Attacks targeting Wi-Fi networks have proliferated around the world: The Cheetah Mobile Threat Lab found that 1% of router Domain Name Systems have been tampered with and 22% of users choose overly simple passwords. Indeed, more than 68% of router owners simply use default passwords offered from vendors, which increases the vulnerability of the router to hacking attacks. In addition, there are significant safety concerns when using Wi-Fi at airports or other public places. Data sent over these public Wi-Fi systems can easily be intercepted by hackers.
The major mobile security events from the past six months include:
1. April: The OpenSSL Heartbleed vulnerability can result in leaked account names, passwords, credit card numbers and other private info. The name Heartbleed comes from a function called a heartbeat that was designed to ensure that the user and the server were constantly able to communicate with each other.
2. May: The eBay leak was one of the hottest pieces of security news in the last six months. eBay workers’ computers were hacked and the hackers covertly stole massive amounts of user account info, including account names, email addresses, phone numbers, and DOBs. Official data showed that 145+ million users were affected.
3. May: Express SMS frauds attacked Android users in Taiwan. Large numbers of Taiwanese got messages similar to: “You have an Express Delivery. Tap the link to verify the electronic signature certification.” After tapping it, an Android malware would be downloaded. Once installed, the malware sends out hundreds of SMS messages to premium rate numbers, and steals copies of messages and the users’ contact list. It then uses the contact list to send the same bait message to more people.