Spyphone apps on the rise: Alcatel-Lucent study

• 15mil mobile devices infected with malware, led by Android smartphones
• Infections on iPhone and BlackBerry devices made up less than 1%

SECURITY threats to mobile and residential devices jumped sharply during the first half of 2014, putting device owners at increased risk of being spied on, having personal information stolen, or experiencing ‘bill shock’ as result of pirated data usage, according to Alcatel-Lucent.
 
Figures for the first half of 2014 from Alcatel-Lucent’s Kindsight Security Labs reveals that malicious software or ‘malware’ used by hackers to gain access to devices continues to rise with consumer ultra-broadband usage.
 
The report found that mobile malware infections increased 17% during the first six months of 2014, growing at nearly double the rate seen for the entirety of 2013, the company said in a statement.
 
Similarly, residential infections in fixed networks jumped to 18% at the end of June, from 9% in December 2013.

Alcatel-Lucent said that thanks to its “unique position within networks,” it can measure the impact of traffic types traversing the network, including malicious and cyber-security threats.
 
The mobile infection rate was 0.65% during the first half of 2014, compared with 0.55% at the end of 2013.
 
Based on this, Kindsight Security Labs estimates 15 million mobile devices are infected with malware, up from 11.3 million at the end of 2013.
 
Android devices accounted for 60% of total mobile network infections, while 40% of mobile malware originated from Windows laptops connected to a phone or connected directly through a mobile USB stick or MIFI hub.
 
Infections on iPhone devices and BlackBerry devices made up less than 1%.
 
“Android smartphones are the easiest malware target, but Windows laptops are still the favourite of hardcore professional cybercriminals,” said Kevin McNamee, security architect and director of Alcatel-Lucent’s Kindsight Security Labs.
 
“The quality and sophistication of most Android malware is still behind the more mature Windows PC varieties. Android malware makes no serious effort to conceal itself and relies on unsuspecting people to install an infected app,” he added.

Mobile network infections frequently took the form of ‘trojanised’ applications which look fine on the surface but contain hidden malware that when downloaded by Android owners from third-party app stores, Google Play Store or by phishing scams that can steal personal information on one’s phone or send SMS messages and browse the Web.
 
Alcatel-Lucent attributed the rise in 2014 residential infection rates primarily to moderate threat level adware, which primarily poses an annoyance for device owners such as unwanted ads or sub-par device performance.
 
However, high level malware threats that can do serious damage by stealing personal information, passwords and credit card information also experienced a modest gain, the company said. Seven percent of broadband residential customers were infected with high-level threats: up from 5% at the end of 2013.
 
The Kindsight Security Labs report also includes the top 20 home and Internet malware threats in the first six months of 2014, as well as analysis of malware developments, including ZeroAccess, iBryte, Carberp, Uapush, Coogos, NotCompatible, SMS Tracker and others.
 
High level malware threats comprised 85% of the threats found on the Top 20 Android List, where four instances are mobile spyware used by an attacker to remotely track and monitor a device owner’s location, communications and browser history.
 
Five of the seven new malware entries in the Residential Top 20 List are adware which can redirect a victim’s browser to undesirable websites and create unwanted pop-up ads.
 
“The best defence against infection is network-based malware detection,” McNamee said.
 
“People frequently don’t take appropriate security precautions for their devices, and even when they do a malicious app can easily evade detection by device-based antivirus. Network-based antivirus embedded on an operator’s network cannot be disabled by cybercriminals, is always on and up to date,” he added.
 
To download a copy of the Kindsight Security Labs Malware Report – H1 2014, click here.
 
Related Stories:
 
The world’s first mobile malware celebrates its 10th birthday
 
Nearly 12mil devices infected, PC malware makes leap to mobile
 
Securing a new iPhone in three simple steps
 
Android heading for 100% malware record
 
 
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.