A new security report from Kaspersky Lab and INTERPOL revealed that malicious programs targeting Android-based devices in order to steal money were used in 60 percent of attempted attacks registered by Kaspersky Lab security products.
The report says there were more than 588,000 Android users worldwide who faced financial malware attacks (Trojan-SMS and Trojan-Banker) during the reporting period. That is six times greater than the number from the equivalent period 12 months earlier.
The cybercriminals frequently targeted Android users in Russia, Ukraine, Spain, United Kingdom, Vietnam, Malaysia, Germany, India and France.
Overall, 57.08 percent of all reported incidents involved attacks utilizing programs from the Trojan SMS malware family.
Russia received the greatest number of Trojan SMS attacks with 64.42 percent of all Kaspersky Lab anti-virus detections registered on devices of users from this country.
About a quarter of Trojan-SMS attacks were detected in Kazakhstan (5.71 percent), Ukraine (3.32 percent), Spain (3.19 percent), the UK (3.02 percent), Vietnam (2.41 percent), Malaysia (2.3 percent), Germany (2 percent), India (1.55 percent) and France (1.32 percent).
Another 1.98 percent of attacks used Trojan-Banker malware which, when combined with Trojan-SMS functionality, can steal bank card data as well as user names and passwords for online banking services. Russia is on top of this chart as well with 90.58 percent of all Trojan-Banker detections registered on the territory of the Russian Federation.
The rest of the top 10 all had a relatively small level of attacks and included Kazakhstan, Ukraine, Belarus, USA, Lithuania, Azerbaijan, Bulgaria, Germany and Uzbekistan.
Kaspersky Lab also found the number of mobile malware modifications grew sharply – from 423 in August 2013 to 5,967 in July 2014 – a 14-fold increase. The high level of modification growth found during this study shows that cybercriminals were creating multiple variations of their malware in attempts to go undetected by antivirus solutions and infect as many devices as possible.
Typically, antivirus companies will create a new signature within the software to defend against this type of tactic.
“During the past few years we have witnessed the rise of mobile cyber threats which have become more complex and intelligent enough to target specific entities,” said Madan Oberoi, director of Cyber Innovation & Outreach at INTERPOL’s Global Complex for Innovation.
“With the mobile market growing exponentially, it is clearer that these threats are mutating to include new attack vectors allowing the exploitation of personal smart devices,” Oberoi added.