Nearly 12mil devices infected, PC malware makes leap to mobile

• Traditional ‘fixed’ malware starting to make jump to mobile devices
• Also used for espionage and DoS attacks on businesses, governments

SECURITY threats to mobile devices continue their rapid rise, with data from Alcatel-Lucent showing that more than 11.6 million devices are infected at any one time.
 
This puts devices owners at increased risk for stolen personal and financial information; bill shock resulting from pirated data usage; and extortion in exchange for device control, Alcatel-Lucent said in a statement.
 
Meanwhile, the security threat to home networks remained constant with traditional ‘fixed’ malware types starting to make the jump to mobile devices, the company added.
 
Figures for the 2013 fourth quarter and year from Alcatel-Lucent’s Kindsight subsidiary reveal that malicious software or ‘malware’ used by hackers to gain access to devices continues to rise with consumer ultra-broadband usage.
 
In addition to the risks posed to consumers, the malware is used to commit espionage and launch denial of service attacks on businesses and governments.
 
Alcatel-Lucent uses its network security and analytic products within networks to measure the impact of traffic types traversing the network, including malicious and cyber-security threats.
 
The report found that mobile malware infections increased 20% in 2013, with 4G LTE (Fourth Generation Long-Term Evolution) devices being the most likely to be infected.
 
Android devices accounted for 60% of total mobile network infections, which frequently took the form of ‘trojanised’ applications downloaded from third-party app stores, Google Play Store or by phishing scams.
 
Also, 40% of mobile malware originated from Windows laptops tethered to a phone or connected directly through a mobile USB stick or MIFI hub. Infections on iPhone devices and BlackBerry devices made up less than 1%.

“Criminals traditionally go after low hanging fruit,” said Kevin McNamee, security architect and director of Alcatel-Lucent’s Kindsight Security Labs.
 
“Not only is Android the largest smartphone market, unlike iPhone and Blackberry, it allows apps to be loaded from third-party sites. This provides cybercriminals with an un-policed mechanism to distribute their malware which can easily evade detection by device-based antivirus.
 
“Thus, in 2013 we saw an increased trend towards operators offering network-based antivirus security to subscribers as a service,” he added.
 
Other report highlights include:
 

• The mobile infection rate was 0.55% in the fourth quarter. Based on this, it is estimated that at any time over 11.6 million mobile devices – mostly Android – are infected by malware.

• The number of mobile malware samples grew 20 times in 2013.

• The residential infection rate in fixed networks dropped from 9.6% in October to 8.7% in December. For the year, it remained relatively flat at 10%.

• 6% of broadband residential customers were infected with high-level threats such as a bots, root-kits, and banking Trojans.

• Although ZeroAccess malware topped all infections in the fourth quarter, its infection rate dropped from 0.8% to 0.4% due to Microsoft’s and Symantec’s efforts to disrupt its operations.

2013 was also a year that saw mobile spyware turn infected smartphones and tablets into a cyber-espionage devices that allowed hackers to remotely track location, download contact lists and personal information, intercept and send messages, record conversation and take pictures, Alcatel-Lucent said.
 
To download the Kindsight Security Labs Malware Report – Q4 2013, click here.
 
Related Stories:
 
The world’s first mobile malware celebrates its 10th birthday
 
Bitcoin botnet ZeroAccess tops threat list: Fortinet
 
Efforts to subvert digital signature validation on Android, says McAfee
 
Java exploits on the rise, Android malware break out of app stores
 
 
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.