Android phones are world’s most malware-infected mobile devices

This is because smart phones running on Android system dominate the mobile device population. This does not necessarily means that Android phones are more prone to attack than those running on Windows and iOS.

According to an article published in Computerworld, the most common types of malware infecting Android devices arethe following:

• Adware
• Information Stealers
• SpyPhone
• SMS Trojans
• Banking Trojans
• Fake Security Software

Samsung Galaxy S4. Samsung smartphones and tabs are running on Android operating system.


Most malware-infected

Android smart phones are the world's most malware-infected mobile devices with 60% of them globally having been successfully targeted by malicious software in the last quarter of (Q4) 2013.

This was according to the Kindsight Security Labs Malware Report-Q4 2013 whose findings have been made available recently. The report by the malware detection arm of the Ontario-based network security solutions provider said the figures regarding infected devices was conservative.

It explained that this was because detectors of Alcatel-Lucent-Kindsight's parent company-were not employed in China and Russia where infection rates are known to be higher.


Android devices have the largest market share

The report attributed the 60% infection rate to the fact that Android devices hold the largest share of the global market for smartphones. It explained cybercriminals often go after low hanging fruit to maximise results from their efforts. It likewise said 40% of infected devices were Windows PCs connected to the mobile network.

On the other hand, iPhone, Blackberry, Symbian and Windows Mobile accounted for less than one percent of infected mobile devices.

Unlike the iPhone or Blackberry, the Android offers the ability to load them from third party app sites.

Source: Computerworld Malaysia


TheGreenMechanics: International Telecommunications Union estimated that there are 2.1 billion smartphones globally. If you are in the higher risk bracket, just play safe and be very careful with what you download into your phone.

SpamSoldier: The new Android botnet discovered across major carriers

If you are fan of Angry Bird, then this may be of concern to you. A spam specifically targeting Android smartphones is said to be sending messages or adverts about popular paid games like Angry Bird Space, offering the free versions.

No indication yet if it has reach our shore, but already detected on all major US carriers. So, Samsung, HTC, Sony smartphone users, Be Warned.

Nyum, nyum, nyum!

Check out this security alert by Lookout: SpamSoldier

A new Android spam botnet has been discovered that uses infected phones to send thousands of SMS messages without the user’s permission. While the threat is not (yet) widespread, it has already been spotted on all major US carriers and has the potential to make a big impact at the network level if it isn’t dealt with soon.

On December 3, security firm Lookout detected the threat, which it dubbed SpamSoldier, in cooperation with one of its unnamed carrier partners. It spreads through SMS messages (it has not yet been detected on any major app stores) that advertise free versions of popular paid games like Angry Birds Space.


How it works

After the user taps on a link from one of these SMS messages, their phone downloads an app that claims to install the game. Instead, SpamSoldier opens and removes its icon from the launcher to cover its tracks. It then immediately starts sending spam messages.

SpamSoldier also attempts to keep the user in the dark by hiding evidence of its malicious activity. It also installs a free version of the game in question to keep users unaware of what is really happening. Furthermore, outgoing spam messages are removed from the list and the malware even attempts to intercept incoming SMS replies to the spam it sends.


Source

7 million Malaysian smartphone users exposed to cyber hacks

Are you reading this article from your tablet, or smartphone?

If yes, you are one of the 7 million smartphone users in Malaysia that are exposed to threats from cyber hackers. Between January to September this year, losses incurred from cyber crime totaled RM21.8 million:

• Illegally intercepted online purchases     - 1,298 cases (RM14.5 million)
• Text messaging service or phone calls   - 412 cases   (RM3.4 million)
• Hacking                                               - 24 cases     (RM3.3 million)
• Internet and phone banking                   - 74 cases      (RM590,000)

TOTAL : RM21.8 million

Be warned and take all the precautions to avoid heartbreak.


Seven Million Smartphone Users Exposed To Threat From Cyber Hackers
Nov 2, 2012
KUALA LUMPUR: About seven million smartphone users nationwide are exposed to threats from cyber hackers who use smartphones as mediums through which to carry out fraudulent activities like stealing money.

Bukit Aman director of Commercial Crime Investigation Department, Datuk Syed Ismail Syed Azizan said a lack of awareness about smartphone security made smartphone users easy victims.

"The hackers' modus operandi is to send a malicious Trojan application disguised as a text message to consumers.

"They are unknowingly charged when they reply to the fake message. "Consumers only realise this after receiving costly phone bills although they did not subscribe to the phony services," he said.

The hackers' activities were executed via downloaded applications such as "type on" that caused the victims to bear the hidden expenses even when they had uninstalled the application.

Lookout Mobile Security was quoted as saying that worldwide users lost millions of dollars last year via malware and toll fraud that attacked smartphone users who had accessed applications from suspicious sources rather than trusted ones such as Apple and Google.

Ismail said police statistics records showed that from January to September this year, losses incurred from cyber crime via text or phone call totalled RM21.8 million. The cyber hackers targeted users of Internet and phone banking services, hacking into and abusing these networks.

Cases of illegally intercepted online purchases recorded the highest losses at RM14.5 million (1,298 cases) followed by text messaging service or phone calls at RM3.4 million (412 cases), hacking at RM3.3 million (24 cases) and Internet and phone banking at RM590,000 (74 cases).

However, there were no losses in cases of network abuse since they did not involve the loss of property but the extortion of victims by using personal photographs and threatening words. Twenty-five such cases were recorded.

Ismail said apart from seven million smartphone users, Malaysia had 7.7 million mobile Internet users. - Bernama

New Android malware spreads on mobile devices

If you are an Android smartphone user or tablet user, beware.

According to Lookout, a smartphone security company, you are now facing another malware threat called NotCompatible. This new trick up malicious programmers’ sleeves, spreads malware through infected or hacked/compromised websites.

Screenshot from mylookout.com

How the malware works

When the you visit a compromised website from your smartphone or tablet (or any Android powered device), your web browser will automatically begin downloading application, a process known as a "drive-by download."

Once downloaded, the device will display a notification prompting the user to click on the notification to install the downloaded app. But for the app to actually install on a device, it must have the “Unknown sources” setting enabled.

The positive side - at least for the time being - is that if  your device "unknown sources" setting is not enabled, the installation will be blocked.


Update by Lookout

An update by the security company stated that NotCompatible is a new Android trojan that appears to serve as a simple TCP relay / proxy while posing as a system update. It does not yet appear to cause any direct harm to a target device, but could potentially be used to gain illicit access to private networks by turning an infected Android device into a proxy.

This appears to be the first time that compromised websites have been used to distribute malware targeting Android devices.

As a matter of concern, a device infected with NotCompatible could potentially be used to gain access to normally protected information or systems, such as those maintained by enterprise or government. So, if you are an administrator of a network at work place, this threat could be of interest to you.


Prevention

For people with Lookout protection, you are covered. For the masses, simply block (don't enable) auto installation of app from unknown sources. Simple as that.

Reference: Lookout mobile security