McAfee Labs: More Android Malware

McAfee Labs notices an upturn in the amount of Android malwareMcAfee Labs is the latest security vendor to add its voice to the growing chorus of security vendors warning of a malware epidemic on the Android platform.

The company’s McAfee Threats Report: Second Quarter 2013 notes a 35 percent growth rate in Android malware, the kind of increase the company has not seen for more than a year.

The security vendor says the growth in Android malware is largely coming from a growing number of applications with Trojans in them, including those dedicated to stealing banking information. McAfee reports four new applications that work by capturing a user’s account name and password, as well as intercepting the SMS message that many banks send with credentials as part of their two-factor authentication plans. With those combined bits of information, the parties behind the apps can access a user’s accounts and potentially transfer funds.

The McAfee Threats Report also “discovered a surge” in dating and entertainment applications that con users into signing up for non-existent paid services, as well as a variety of other Trojan horse techniques, including apps hiding as useful tools, but ultimately installing spyware or collecting users’ personal information, including contact lists, SMS messages, location and call log data.

“The mobile cybercrime landscape is becoming more defined as cyber gangs determine which tactics are most effective and profitable,” said

Vincent Weafer, senior vice president, McAfee Labs. “As in other mature areas of cybercrime, the profit motive of hacking bank accounts has eclipsed the technical challenges of bypassing digital trust. Tactics such as dating and entertainment app scams benefit from the lack of attention paid to such schemes, while others simply target the mobile paradigm’s most popular currency: personal user information.”

McAfee Labs is just the latest security company to note a rising tide of Android malware. Earlier this month, Trend Micro reported a sharp rise in the number of infected applications it detected on the Google Play app store, and Kaspersky Lab’s chief malware expert Alex Gosteve this month reported that the company is detecting some 5,000 new mobile Trojans every week. In the U.K., anti-virus vendor G Data reported some 520,000 new malicious files for Android in the first half of 2013.

This rising tide of malware on the popular Android platform comes as many companiescontinue to struggle with challenges around BYOD concepts, and many organizations are tacitly allowing employees to bring their own devices to the workplace, whether or not there is a policy and process in place to manage security and privacy threats on those devices.

Away from the mobile front, McAfee Labs notes a few areas of growth for malware. The company says it has catalogued more examples of ransomware over the past two quarters than it has over all previous reporting periods combined, including more than 320,000 new ransomware samples over the course of the second quarter, more than twice the number it reported in the first quarter.

Malware authors are also increasingly attaching legitimate digital signatures to their work, with 1.2 million new samples of malware with legitimate certificates attached to them, a shift McAfee Labs warns “could inevitably undermine confidence in the global certificate trust infrastructure.”

The number of URLs distributing malware continues to grow, with the company reporting 74.7 million suspect or suspicious URLs playing a role (willingly or unwillingly) in disseminating malware, up 16 percent over first-quarter numbers.

And as the Bitcoin system of digital currency continues to gain traction with users, the criminals are also taking a closer look. McAfee Labs reports a number of distributed denial of service attacks against Bitcoin infrastructure, as well as the debut of new malware that attempts “to mine and steal the virtual currency.”

On the spam front, McAfee Labs reported more than 5.5 trillion unwanted commercial messages, for more than 70 percent of global e-mail volume.