February 21, 2014 weblog
Security firms warn of increase in mobile malware and its increasingly regional nature
RiskIQ is reporting that the number of apps in the Google Play store infected with malware has risen from 11,000 apps in 2011 to 42,000 last year. They also report that apps created to allow users to customize their devices are the ones most likely to be infected. The company has even pointed out three apps with malware that stood out from the others: Wallpaper Dragon Ball, Subway Surfers Free Tips and Finger Hockey. RiskIQ also reports that their analysis of the Google Play store was done using custom software that is able to coax malware into revealing itself. They claim also that the percentage of malware infected aps found and removed by Google is declining—from 60 percent of infected apps in 2011, to less than 25 percent last year.
While the trend noted by RiskIQ might be alarming, it's worth noting that the overall number of apps in the Google Play store has also increased—by roughly the same percentage as infected apps—from 250,000 apps to close to a million, over the same time period. Thus, the percentage of apps infected has remained nearly fixed.
In other news, security company Lookout has posted a warning on its site claiming that malware makers are getting more sophisticated—they've begun tailoring malware to specific regions, unleashing infected apps in the places where they offer the biggest return. The regional differences, they note, occur because of different levels of security efforts aimed at stopping them. In Russia, for example, they say, 63 percent of downloaded apps are infected with malware, whereas in the U.S. it's just 4 percent. Because of that, Lookout says, malware makers are targeting different areas or countries differently. They say that malware in Europe, for example, is mostly of the chargware variety (where users are tricked into paying for an app or service). Malware in the U.S. on the other hand is increasingly focused on stealing user data, such as login ids. Lookout is basing its claims on an analysis it made using user feedback from 50 million of its own users
RiskIQ report: www.riskiq.com/company/press-r … ve-spiked-nearly-400
© 2014 Phys.org