You are here: Home » TECHNOLOGY » Trend Micro Finds 718,000 Malicious Android Apps in Q2 2013

Trend Micro Finds 718,000 Malicious Android Apps in Q2 2013

Dhanya Thakkar, Country Manager, India & SAARC, Trend Micro

Dhanya Thakkar, Country Manager, India & SAARC, Trend Micro

Trend Micro’s Q2 2013 security round up report suggests that the number of malicious and high risk android apps surged from 5,09,000 in the first quarter to 7,18,000 in the second quarter and the volume is expected to exceed one million by the end of 2013.

“In 2012, we saw how the number of mobile malware quickly grew to the same volume that PC malware took more than a decade to reach. In just six months, number of malicious high risk apps surged by more than 3,50,000. The majority of these malware were still packaged as spoofed or Trojanized versions of popular apps. Similar to the previous quarter, almost half of the mobile malware uncovered this quarter were designed to subscribe unwitting users to costly services. Almost 99% of Android devices were deemed vulnerable to android master key vulnerability,” says Dhanya Thakkar, Country Manager, India & SAARC, Trend Micro.

The vulnerability allows installed apps to be modified without users’ consent. It further raised concerns about mostly relying on scanning apps for protection, along with the fragmentation that exists in the Android ecosystem. OBAD (ANDROIDOS_OBAD.A) also exploited an Android vulnerability. Once installed, OBAD requests root and device administrator privileges, which allow it to take full control of an infected device. This routine rings similar to PC backdoors and rootkits.

OBAD repeatedly shows popup notifications to convince users to grant permissions. It also makes use of a new obfuscation technique that renders detection and cleanup more difficult to do. The FAKEBANK malware spotted this quarter, meanwhile, spoofs legitimate apps. It contains specific Android application package files (APKs), which it copies to a device’s Secure Digital (SD) card.

Using the APK files, the malware displays icons and a user interface that imitates legitimate banking apps. This technique is reminiscent of PC banking Trojans that monitor users’ browsing behaviors and spoofs banking sites.

Trend Micro also found more fake antivirus (FAKEAV) malware this quarter that even more closely resembled legitimate ones. Targeted attacks found their way to mobile devices as well in the form of the CHULI malware, which arrives as an attachment to spear-phishing emails.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

About Kalpana Singhal

Kalpana Singhal is Co-Founder & Editor in Chief at Techplus Media. She is an Innovative & challenger Entrepreneur who started her journey from corporate communication in early 2001 with I.T. Industry followed by Lead - Editorial at BeautyIndia.in in 2008 . You can follow her on twitter, Google+ and Facebook.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>