Malware targeting mobile devices has increased for the fifth consecutive quarter and has increased 167 percent from Q1 2013 to Q1 2014, according to the latest McAfee Labs Threats Report.
Merchants aren’t the only ones putting more emphasis and importance on the mobile channel, fraudsters are as well. This is evidenced by the growth of new malware targeting consumers on mobile devices; McAfee catalogued 2.4 million new samples of mobile malware in 2013 and about 750,000 in just the first quarter of 2014.
An effective method for spreading malware is to package it in mobile apps and games. Fraudsters target popular apps, create clones and include a little something extra. This year has been no different, and fraudsters have had success emulating the Flappy Bird game, which suddenly became one of the most downloaded apps before it’s author was overwhelmed by the attention and removed it from app stores. Fraudsters capitalized on the popularity and demand for this game making many clones to serve as a Trojan Horse hiding their malware. In a sample of 300 Flappy Bird clones 238, nearly 80 percent, contained malware.
Fraudsters will also exploit vulnerabilities in legitimate mobile apps. Targeting an encryption weakness in the messaging app WhatsApp fraudsters were able to steal text conversations and photos sent between WhatsApp users.
In terms of the risks mobile malware presents to mobile device users, the McAfee Labs Threats Report described some of the behavior and activities fraudsters were able to deploy through their malware. This included extracting contact data, making phone calls, as well as sending and receiving text messages, which could be used to spread the malware further. Worse yet, different forms of mobile malware were able to track the device’s geolocation and gain root access to the device. With root access a fraudster could access and control anything on the device, including email, social media, banking and other applications or login information.
For more information: