According to a security report from NQ Mobile Security, mobile malware is on the high rise. In 2012, malware infections grew by 163% year-over-year. There were 65,227 newly discovered mobile malware floating around, compared to the 24,794 that were discovered back in 2011. The malware is beginning to spread to various markets, including China, India, Russia, the United States, and Saudi Arabia.
NQ says that 94.8% of the newly discovered malware were design to infect Android devices. Over 32.8 million Android devices were infected in 2012, over 3x the 10.8 million Android handsets infected back in 2011. The most infected countries are China, with 25.5% of its Android devices being infected, followed by India with 19.4% infected mobile devices, and Russia with 17.9% infected mobile devices. United States and Saudi Arabia are also highly affected, both with 10% of their mobile devices being infected by malware.
There are 4 new pieces of Malware that NQ says is infecting mobile devices. There’s the VDloader, which runs as a client inside Android devices. It then connects to a remote server. It disguises itself as a regular app, and only activates when requested. FireLeaker is disguised as a widget, but remains invisible on your device. It collects specific device info from the victim, including their mobile number, IMEI number, system number, contact data, and more, and it uploads it all to a remote server.
DDSpy is an invisible malware that disguises itself as Gmail, but is invisible in the apps list. It communicates through SMS, and it features a GPS hook, which activates malware based on specific GPS or cell site location. Lastly, we have DyPusher, which uploads specific device information like FireLeaker, but also downloads apps and files to the device without the user’s permission.
NQ says that there are many factors to why these infections are massively spreading. One has to do with the fragmentation in Android, with 39% of users still running Android 2.3 Gingerbread. Second, there is app sideloading, where users install apps via other methods instead of Google Play. Then, to piggyback off of app sideloading, there are 58% young Android users who download around 41+ apps for their devices, many of which who use App Sideloading to do so.
Lastly, many Android users lack security features on their devices, such as passcodes or antivirus software. Yesterday, Lookout demonstrated just how easy it is to hack into someone’s phone. So the lesson for today is, download anti-virus software for your Android device, and don’t install suspicious apps from 3rd parties.