10% of fixed broadband connections and 0.5% of mobile phones were under attack from viruses or spyware in the last quarter, according to a report by Kindsight, warning of a “strong increase” in this risks.
Figures for the second quarter of 2013 by Alcatel-Lucent’s Kindsight subsidiary have revealed in a statement that during this period, 6% of home networks were threatened with “high level” as “bots” stealth programs, banking virus Trojans that infect other computers or programs and applications.
The “most virulent” was the ZeroAccess, that infected 0.8% of broadband users. Zeroaccess2 is a p2p bot that uses rootkit technology to conceal its presence. It downloads additional malware that is used in a large scale ad-click fraud. This fraud can cost Internet advertisers millions of dollars each day.
Kindsight said in a report released Tuesday that the vast majority of mobile devices infected with malware are running the Android operating system and a third of the top 20 malware threats for Android by infection rate fall into the spyware category.
According to Kindsight, an adware Trojan program called Uapush.A is the malware threat most commonly seen on Android devices which sends SMS messages and steals information. Uapush.A was responsible for around 53 percent of the total number of infections detected on Android devices.
The second-most-common Android threat is a Trojan program called QdPlugin, whose primary purpose is to install and control other adware programs. This malware is distributed as repackaged versions of legitimate games and connects to a control server located in the U.S.
“Mobile spyware in the ‘Bring Your Own Device’ (BYOD) context poses a threat to enterprises because it can be installed surreptitiously on an employee’s phone and used for industrial or corporate espionage,” said Kevin McNamee, security architect and director of Alcatel-Lucent’s Kindsight Security Labs.
Kindsight experts research also incorporated his sovereign information about spyware multiplication of mobile devices.
Kevin McNamee, stated that the company has developed a prototype wiretapping program that can be entered in “almost any Android app.”
Once entered, from a command post online the hacker can remotely locate your phone, upload contact lists and personal information it contains, intercept and send messages, record conversations or take pictures.
Alcatel-Lucent will demonstrate the risks of a mobile spyphone at the Black Hat 2013 security event in Las Vegas, July 27-August 1.
In the broadband network space, Q2 was pretty much a continuation of Q1 in terms of network malware activity. There was some jockeying for position in the top 20s lists, but nothing really new hit the scene in Q2. The residential malware infection rate continues to be round about the 10% level which was up slightly from the 9% that was seen in Q1. ZeroAccess continued to be the most widespread infection with infection rates of up to 1% in some networks. The major threat vector continues to be compromised websites hosting exploit kits such as Blackhole with generic spam based phishing attacks driving users to those sites. Spam volume leveled off in Q2 after increasing in Q1.
On the mobile front the infection rates observed in the network continue to be fairly low with an average infection rate of about 0.52%. Android devices are the most targeted, with trojanized apps from Google Play and third party app stores being the major infection vector. There has yet to be a major malware epidemic that can spread directly from one mobile device to another. In the mobile space, the malware is making money through sending premium SMS messages and information theft associated with adware and spam. There have been some attempts to extort money based on fake security software. Spyphones applications are also increasing and could become a significant threat when applied to the BYOD and APT scenarios.
Photo Credit: greyweed