Other issues in this category (22)
Harbour no illusions: They’re thieves
Tuesday, May 31, 2016
When, in 2007, Doctor Web released the first anti-virus for handhelds, malicious programs for mobile devices were so few that we committed ourselves to providing the application free of charge—we believed it was wrong to take money for something that protected devices against a possible future threat that barely existed at that time. Yet, we were also confident that threats targeting handhelds would emerge in large numbers. Later, other anti-virus developers followed our lead.
Just a short time has passed, and thanks to the tremendous popularity of mobile devices and the fact that one doesn't need a professional programming background to start writing apps for Android, the number of Android Trojans—and, more important, the number of infections caused by Trojans—is astronomical.
Graph showing how the number of entries for Android malware in the Dr.Web database has grown over time
Growth in the number of entries in 2014 — 102%
Growth in the number of entries in 2015 — 300%
We conducted research to determine what features attackers implement in malware and what sorts of things they are after. And this is what we found.
Most malicious programs for Android are created to steal money and information.
And when it comes to theft in cyberspace, criminals are particularly interested in applications and services that are popular among users. Android is a prime example. The criminals behind Android Trojans steal whatever they can from compromised devices.
- Money is their most important target for attack. For this, intruders usually employ backdoors.
- Logins and passwords.
- Outgoing SMS – Trojans transfer money from a mobile account to criminals by secretly sending premium messages from compromised devices.
- Inbound SMS – for example, SMS confirmations and requests related to subscriptions to premium services. Trojans hide them from users and covertly reply to the messages to make sure that the victim remains unaware of the subscription for as long as possible and doesn't do anything to disrupt the Trojan’s operation. Online banking system verification messages containing mTAN codes are also at risk.
- Calls — a user pays for covert calls to premium numbers.
- Call recordings.
- Contact information.
- Location information.
- Device information.
The activities of the most successful Trojan thieves can only be discovered after everything has already been stolen.
The Anti-virus Times recommends
- Malware makers, as well as those involved in the distribution of malware and who profit from such illicit activity, may be held criminally liable under the laws of your country.
- Dr.Web Security Space for Android provides protection from mobile theft. In addition to an anti-virus, it offers an entire array of security components such as an anti-theft; Cloud Checker, which verifies that the web pages you open are safe; the Security Auditor; and a firewall. You can download Dr.Web for Android from Google Play or from Doctor Web's site. A 14-day trial is available.
Users who have a commercial license for Dr.Web Anti-virus or Dr.Web Security Space have been enjoying our anti-virus solutions for handhelds free of charge since 2007.
And Doctor Web has no intention of changing that.