Android to Become ‘Workhorse’ of Cybercrime

PARIS — As of the end of 2014, 16 million mobile devices worldwide have been infected by malicious software, estimated Alcatel-Lucent’s security arm, Motive Security Labs, in its latest security report released Thursday (Feb. 12).

Such malware is used by “cybercriminals for corporate and personal espionage, information theft, denial of service attacks on business and governments and banking and advertising scams,” the report warned.

Some of the key facts revealed in the report — released two weeks in advance of the Mobile World Congress 2015 — could dampen the mobile industry’s renewed enthusiasm for mobile payment systems such as Google Wallet and Apple Pay.

At risk is also the matter of privacy. How safe is your mobile device? Consumers have gotten used to trusting their smartphones, expecting their devices to know them well enough to accommodate their habits and preferences. So the last thing consumers expect them to do is to channel spyware into their lives, letting others monitor calls and track web browsing.

Cyber attacks
The latest in a drumbeat of data hacking incidents is the massive database breach reported last week by Anthem Inc., the second largest health insurer in the United States. There was also the high profile corporate security attack on Sony in late 2014.

Declaring that 2014 “will be remembered as the year of cyber-attacks,” Kevin McNamee, director, Alcatel-Lucent Motive Security Labs, noted in his latest blog other cases of hackers stealing millions of credit and debit card account numbers at retail points of sale. They include the security breach at Target in 2013 and similar breaches repeated in 2014 at Staples, Home Depot Sally Beauty Supply, Neiman Marcus, United Parcel Service, Michaels Stores and Albertsons, as well as the food chains Dairy Queen and P. F. Chang.

“But the combined number of these attacks pales in comparison to the malware attacks on mobile and residential devices,” McNamee insists. In his blog, he wrote, “Stealing personal information and data minutes from individual device users doesn’t tend to make the news, but it’s happening with increased frequency. And the consequences of losing one’s financial information, privacy, and personal identity to cyber criminals are no less important when it’s you.”

'Workhorse of cybercrime'
Indeed, malware infections in mobile devices are on the rise. According to the Motive Security Labs report, malware infections in mobile devices jumped by 25% in 2014, compared to a 20% increase in 2013.

According to the report, in the mobile networks, “Android devices have now caught up to Windows laptops as the primary workhorse of cybercrime.” The infection rates between Android and Windows devices now split 50/50 in 2014, said the report.

This may be hardly a surprise to those familiar with Android security. There are three issues. First, the volume of Android devices shipped in 2014 is so huge that it makes a juicy target for cyber criminals. Second, Android is based on an open platform. Third, Android allows users to download apps from third-party stores where apps are not consistently verified and controlled.

In contrast, the report said that less than 1% of infections come from iPhone and Blackberry smartphones. The report, however, quickly added that this data doesn’t prove that iPhones are immune to malware.

The Motive Security Labs report cited findings by Palo Alto Networks in early November. The Networks discussed the discovery of WireLurker vulnerability that allows an infected Mac OS-X computer to install applications on any iPhone that connects to it via a USB connection. User permission is not required and the iPhone need not be jail-broken.

News stories reported the source of the infected Mac OS-X apps as an app store in China that apparently affected some 350,000 users through apps disguised as popular games. These infected the Mac computer, which in turn infected the iPhone. Once infected, the iPhone contacted a remote C&C server.

According to the Motive Security Labs report, a couple of weeks later, FireEye revealed Masque Attack vulnerability, which allows third-party apps to be replaced with a malicious app that can access all the data of the original app. In a demo, FireEye replaced the Gmail app on an iPhone, allowing the attacker complete access to the victim’s email and text messages.

Spyware on the rise
It’s important to note that among varieties of malware, mobile spyware is definitely on the increase. According to Motive Security Labs, “Six of the mobile malware top 20 list are mobile spyware.” These are apps used to spy on the phone’s owner. “They track the phone’s location, monitor ingoing and outgoing calls and text messages, monitor email and track the victim’s web browsing,” according to Motive Security Labs.

Impact on mobile payment
For consumers and mobile operators, the malware story hits home hardest in how it may affect mobile payment. McNamee wrote in his blog:

The rise of mobile malware threats isn’t unexpected. But as Google Wallet, Apple Pay and others rush to bring us mobile payment systems, security has to be a top focus. And malware concerns become even more acute in the workplace where more than 90% of workers admit to using their personal smartphones for work purposes.

Fixed broadband networks
The Motive Security Labs report didn’t stop at mobile security. It also looked at residential fixed broadband networks. The report found the overall monthly infection rate there is 13.6%, “substantially up from the 9% seen in 2013,” said the report. The report attributed it to “an increase in infections by moderate threat level adware.”

Why is this all happening?
The short answer to why this is all happening today is that “a vast majority of mobile device owners do not take proper device security precautions,” the report said.

Noting that a recent Motive Security Labs survey found that 65 percent of subscribers expect their service provider to protect both their mobile and home devices, the report seems to suggest that the onus is on operators. “They are expected to take a proactive approach to this problem by providing services that alert subscribers to malware on their devices along with self-help instructions for removing it,” said Patrick Tan, General Manager of Network Intelligence at Alcatel-Lucent, in a statement.

Due to the large market share it holds within communication networks, Alcatel-Lucent says that it’s in a unique position to measure the impact of mobile and home device traffic moving over those networks to identify malicious and cyber-security threats. Motive Security Labs is an analytics arm of Motive Customer Experience Management.

According to Alcatel-Lucent, Motive Security Labs (formerly Kindsight Security Labs), processes more than 120,000 new malware samples per day and maintains a library of 30 million active samples.

In the following pages, we will share the hilights of data collected by Motive Security Labs.

To read the rest of this article, visit EBN sister site EETimes.

0 comments on “Android to Become ‘Workhorse’ of Cybercrime

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.