Kindsight Security Labs figures reveal jump in mobile and residential attacks in first half of 2014, with an estimated 15 million mobile devices infected with malware, led by Android smartphones
Paris, France, September 4, 2014 - Alcatel-Lucent today released new data showing that security threats to mobile and residential devices jumped sharply during the first half of 2014, putting device owners at increased risk of being spied on, having personal information stolen, or experiencing ‘bill shock’ as a result of pirated data usage.
Figures for the first half of 2014 from Alcatel-Lucent’s Kindsight Security Labs reveal that malicious software or ‘malware’ used by hackers to gain access to devices continues to rise with consumer ultra-broadband usage. Its report found that mobile malware infections increased 17 percent during the first six months of 2014, growing at nearly double the rate seen for the entirety of 2013. Similarly, residential infections in fixed networks jumped to 18 percent at the end of June, after being 9 percent in December 2013.
Due to Alcatel-Lucent’s unique position within networks, it can measure the impact of traffic types traversing the network, including malicious and cyber-security threats.
The mobile infection rate was 0.65 percent during the first half of 2014, compared to 0.55 at the end of 2013. Based on this, Kindsight Security Labs estimates 15 million mobile devices are infected with malware, up from 11.3 million at the end of 2013. Android devices accounted for 60 percent of total mobile network infections. Forty percent of mobile malware originated from Windows laptops connected to a phone or connected directly through a mobile USB stick or MIFI hub. Infections on iPhone devices and BlackBerry devices made up less than 1 percent.
“Android smartphones are the easiest malware target, but Windows laptops are still the favorite of hard core professional cybercriminals,” said Kevin McNamee, security architect and director of Alcatel-Lucent’s Kindsight Security Labs. “The quality and sophistication of most Android malware is still behind the more mature Windows PC varieties. Android malware makes no serious effort to conceal itself and relies on unsuspecting people to install an infected app.”
Mobile network infections frequently took the form of trojanized applications, which look fine on the surface but contain hidden malware. Once downloaded by Android owners from third-party app stores, the Google Play Store or through phishing scams, they can steal personal information on one’s phone or send SMS messages and browse the web.
The rise in 2014 residential infection rates is primarily attributed to moderate-threat-level adware, which mainly poses an annoyance for device owners, such as unwanted ads or subpar device performance. However, high-level malware threats that can do serious damage by stealing personal information, passwords and credit card information also experienced a modest gain. Seven percent of broadband residential customers were infected with high-level threats, up from 5 percent at the end of 2013.
The Kindsight Security Labs report also includes the top 20 home and Internet malware threats in the first six months of 2014, as well as analysis of malware developments, including ZeroAccess, iBryte, Carberp, Uapush, Coogos, NotCompatible, SMS Tracker and others. High-level malware threats comprised 85% of the threats found on the Top 20 Android List, where four instances are mobile spyware used by an attacker to remotely track and monitor a device owner’s location, communications and browser history. Five of the seven new malware entries in the Residential Top 20 List are adware, which can redirect a victim’s browser to undesirable web sites and create unwanted pop-up ads.
“The best defense against infection is network-based malware detection,” adds McNamee. “People frequently don’t take appropriate security precautions for their devices, and even when they do a malicious app can easily evade detection by device-based anti-virus. Network based anti-virus embedded on an operator’s network cannot be disabled by cybercriminals, is always on and up to date.”