Kaspersky Lab researchers have seen the number of attacks using malicious mobile software nearly double in just a year. In 2018 there were 116.5 million attacks, compared to 66.4 million in 2017, with a significant increase in unique users being affected. Despite more devices being attacked, the number of malware files has decreased, leading researchers to conclude that the quality of mobile malware has become more impactful and precise. These and other findings are unveiled in Kaspersky Lab's report Mobile malware evolution 2018.
As the world becomes more mobile, the role of smartphones in business processes and day to day life is growing rapidly. In response, cybercriminals are paying more attention to how they are distributing malware and the attack vectors used. The channels through which malware is delivered to users and infects their devices is a key part of the success of a malicious campaign today, taking advantage of those users who do not have any security solutions installed on their phones.
The success of the distribution strategies is demonstrated not only by the increase in attacks, but also the number of unique users that have encountered malware. In 2018 this figure rose by 774,000 on the previous year, to 9,895,774 affected users. Among the threats encountered, the most significant growth was in the use of Trojan-Droppers, whose share almost doubled from 8.63% to 17.21%. This type of malware is designed to bypass system protection and deliver there all sorts of malware, from banking Trojans to ransomware.
“In 2018, mobile device users faced what could have been the fiercest cybercriminal onslaught ever seen. Over the course of the year, we observed both new mobile device infection techniques, such as DNS hijacking, along with an increased focus on enhanced distribution schemes, like SMS spam. This trend demonstrates the growing need for mobile security solutions to be installed on smartphones – to protect users from device infection attempts, regardless of the source,” said Viсtor Chebyshev, security expert at Kaspersky Lab.
Mobile Malware in Singapore and Southeast Asia
Data from Kaspersky Lab revealed that 7.57% of users in Singapore were attacked by mobile malware last year. This places the country at the 40th spot in nations with the highest number of users infected by threats against smartphones.
For Southeast Asia, Indonesia recorded the highest percent of users affected by mobile threats at 34.84%, followed by the Philippines at 26.81%, and Malaysia at 22.81%. Vietnam and Thailand are the lowest with 5.87% and 2.57% users infected by mobile malware in 2018.
Singapore, however, recorded a relatively high banking malware infection rate at 0.14%, compared to its neighbors: Philippines (0.06%), Indonesia (0.08%), and Thailand (0.10%). Malaysia has the highest number of detected mobile banking attacks in Southeast Asia (0.40%), followed by Vietnam (0.19%).
“Singapore, alongside other developed countries in Asia Pacific, is on track towards becoming a cashless society. With the country’s booming startup industry and continued rise in numbers of big companies, Singapore can be considered a lucrative financial hub in the region. Combined with its high level of smartphone penetration, the country has become an obvious target for attackers. It is crucial for financial institutions, service providers, and all Singaporeans to beef up their vigilance, especially as mobile banking gains traction in the country,” says, Yeo Siang Tiong, General Manager of Southeast Asia at Kaspersky Lab said.
Other findings in the mobile malware evolution 2018 report include:
• In 2018 Kaspersky Lab products protected 80,638 users in 150 countries against mobile ransomware, with 60,176 mobile ransomware Trojans samples detected
• In 2018, a fivefold increase in attacks using mobile malicious crypto currency miners was observed.
• In 2018, 151,359 installation packages for mobile banking Trojans were detected, which is 1.6 times more than in the previous year
In order to protect your devices, Kaspersky Lab security experts advise the following:
• Only install mobile applications from official app stores, such as Google Play on Android devices or the App Store on iOS
• Block the installation of programs from unknown sources in your smartphone’s settings
• Do not bypass device restrictions as this might provide cybercriminals with limitless capabilities to carry out their attacks
• Install system and application updates as soon as they are available — they patch vulnerabilities and keep devices protected. Note that the mobile OS system updates should never be downloaded from external resources (unless you are participating in official beta-testing). Application updates can only be installed through official app stores
• Use reliable security solutions for comprehensive protection from a wide range of threats, such as Kaspersky Security Cloud.