Friday, October 31, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Panasonic Raises Profit Outlook
Toshiba Offers New 4TB and 5TB Desktop HDDs
Samsung Introduces New Ultra Slim Galaxy A5 and Galaxy A3 Smartphones For The Chinese Market
Sharp 2Q Profit Slides
PlayStation 4 Sales Sustain Sony's Quarterly Loss
MSI Debuts The GT80 Titan Gaming Notebook With Mechanical Keyboard
Sharp To Produce New Backlight-free LCD Panel For Wearables
New Cameras Boost GoPro's Quarterly Profit
Active Discussions
DVD/DL for Optiarc 7191S at 8X
Copied dvd's say blank in computer only
Made video, won't play back easily
New Features In Firefox 33
updated tests for dvd and cd burners
How to generate lots of different CDs quickly
Yamaha CRW-F1UX
help questions structure DVDR
 Home > News > Mobiles > Nearly ...
Last 7 Days News : SU MO TU WE TH FR SA All News

Monday, November 21, 2011
Nearly All Mobile Malware in Q3 Was Targeted at Android


The amount of malware targeted at Android devices jumped nearly 37 percent since last quarter, and puts 2011 on track to be the busiest in mobile and general malware history. Almost all new mobile malware in Q3 was targeted at Android.

The information was reported by McAfee at the company's Q3 2011 threats report.

"This has been a very steady quarter in terms of threats, as both general and mobile malware are more prevalent than ever," said Vincent Weafer, senior vice president of McAfee Labs. "So far this year, we?ve seen many interesting yet challenging trends that are affecting the threat landscape, including heightened levels of sophistication and high-profile hacktivist attacks."

At the end of 2010, McAfee Labs predicted that malware would reach the 70 million unique samples by the end of 2011. Because of the rapid proliferation of malware this year, McAfee Labs has increased this prediction to 75 million unique malware samples reached by year?s end, the busiest in malware history.

Malware authors are capitalizing on the popularity of Android devices, as demonstrated by the fact that the Android platform was the only mobile operating system for all new mobile malware in Q3. One of the most popular forms of trickery in Q3 was SMS-sending Trojans that collect personal information and steal money. Another new method of stealing user information is malware that records phone conversations and forwards them to the attacker.

Fake Anti-Virus (AV), AutoRun and password-stealing Trojans have bounced back strongly from previous quarters, while AutoRun and passwords stealers remain at relatively constant levels. Mac malware also continues to grow, following a sharp increase in Q2. Although the increase in Q3 was not as significant, McAfee Labs warns that as certain platforms grow in popularity for both consumer and business use, such as the Mac operating system, malware authors will increasingly use theses platforms to target victims.

Web threats are also a common way for attackers to prey on unsuspecting victims. Websites have bad or malicious reputations for a variety of reasons, and are often influenced by the hosting of malware of phishing sites. The number of "bad sites" dropped a bit, from an average of 7,300 new bad sites in Q2 to 6,500 new bad sites in Q3.

While spam still remains at its lowest levels since 2007, spearphishing, or targeted spam, is at its greatest development in years. While not prominent, spearphishing is still highly sophisticated and effective, resulting in an elevated threat level. While overall botnet infections dropped slightly in Q3, they seemed to have shown a significant increase in Argentina, Indonesia, Russia and Venezuela. As for the botnets that were the most damaging, Cutwail, Festi and Lethic lead the pack, while previous frontrunners Grum, Bobax and Maazben declined.

Social engineering is also a lure used in targeted attacks that depend greatly on geography and language. Attackers show remarkable insight into what works in different cultures and regions - not just globally but also seasonally, and can vary by month, season or holiday. In the United States, "Delivery Service Notifications" (or fake error messages) are the most popular, while in the United Kingdom "419 scams" reign supreme. In France, phishing scams dominate, while drug spam is the most popular lure in Russia.

Hacktivist attacks were primarily launched by Anonymous in Q3. One clear differentiator from past quarters is that the goals were not as abundantly transparent as in previous quarters. The report highlights hacktivist activity from Q3, with at least 10 high-profile attacks at the hands of Anonymous, including attacks against the Arizona Fraternal Order of Police, Booz Allen Hamilton, Bay Area Rapid Transit, Austrian Police and Goldman Sachs.

'Dirty Dozen' list of vulnerable smartphones

The Android market has cultivated innovation and significant growth in the smartphone industry, but there are systemic problems in the distribution ecosystem which adversely impact security.

Security firm Bit9 has pulled together what it calls its "Dirty Dozen" list, putting the Google Android operating system in the spotlight, with claims that an estimated 56 percent of Android phones in the marketplace today are running out-of-date and insecure versions of the Android.

Smartphones running the Android operating system represent the majority of all new phone purchases. Unlike Apple iOS, RIM Blackberry or Windows Phone, the phone manufacturer - not the software vendor - is responsible for providing Android software updates to their smartphone. Phone carriers also inject themselves into the process, selling further customized models and sometimes charging data usage for software updates.

"The result is chaos," Harry Svedlove, Bit9's chief technology officer, says. "As anyone who has ever owned an Android phone can attest, waiting for your phone to receive the latest Android release is like walking through prickly bushes - slow, painful, and sometimes buggy (except for the Google Nexus phone, the only model where Google is responsible for the software updates)," he added.

According to the Bit9 study, all of the top 12 most vulnerable smartphones of 2011, are Android phones. More than half of all Android devices are running a version of the operating system that is over 18 months old.

The Bit9 "Dirty Dozen" not-so-smart smartphone list includes:

1. Samsung Galaxy Mini
2. 2 HTC Desire
3. Sony Ericsson Xperia X10
4. Sanyo Zio
5. HTC Wildfire
6. Samsung Epic 4G
7. LG Optimus S
8. Samsung Galaxy S
9. Motorola Droid X
10. LG Optimus One
11. Motorola Droid 2
12. HTC Evo 4G

For instance, the Samsung Galaxy Mini was released in April of this year based on a version of Android that was about 11 months out of date the day it shipped, according to Bit9.

Most Android phones come to market at least one major version behind the latest Android release, and they stay around six months behind the update curve moving forward. Manufacturers come out with newer models every 12 to 18 months and quickly end-of-life their previous models, usually well before the two year contracts most users sign with their carriers. Many times, updates are not pushed over-the-air (OTA). Users are required to go to support websites, download and unzip packages, manually backup their data, and wade through painful processes to get the latest updates. When OTA updates are released, they are staggered across geographies and phone carriers and can take months before reaching all affected models. Samsung - recently declared the world's biggest smartphone vendor - performed the worst of the top four Android manufacturers. Initial releases and updates to Samsung Android phones fall, on average, eight months behind Android?s release schedule (that?s counting when they start rolling out updates; no one knows how long the process actually takes).

"All software has vulnerabilities. The Android code is no more vulnerable than Apple iOS or any other operating system," said Svedlove. "The issue is what happens when a flaw is discovered. The quicker a software update can be distributed, the more secure you are. The longer a device remains outdated with known vulnerabilities, the greater the risk," he added.

"It's time to raise industry awareness and put pressure on the manufacturers and carriers to do better."


Previous
Next
Nintendo Brings New 3DS Bundles on Thanksgiving Day        All News        Seagate Wins $525 Million From Western Digital in Arbitration
USB-IF Releases Mobile Broadband Interface Model Specification     Mobiles News      Amazon Said To Launch Smartphone Next Year

Get RSS feed Easy Print E-Mail this Message

Related News
Google Announces New Android Lollipop, Nexus 6 Smartphone, Nexus 9 Tablet And Nexus Player Streamer
Android L To Support Encryption By Default
First Low-cost Android One Phone Unveiled
First Android Apps Coming to Chromebooks
Android Gaming Consoles on the Horizon
Your Android Phone Is Telling the World Where You've Been
Selfmite SMS Worm Attacks Android Devices
Android, Windows Phones To Feature Kill Switches
Google To Enter The Living Room Battle With Android TV
Android Silver Devices Coming Next Year: report
Law Firm Files Antitrust Class-action Lawsuit Against Google
Apple Remains Top Smartphone Maker In February, Yahoo Expands Mobile Audience Reach

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .