The number of malicious installation packages found striking mobile devices more than tripled in 2016 resulting in almost 40 million attacks by malicious mobile malware, according to Kaspersky Labs.
Kaspersky's Mobile Malware Evolution 2016 report noted several trends that exploded last year, including the overall growth of mobile malware with 8.5 million malicious installation packages detected and the continued rapid development of mobile banking trojans with 128,886 being spotted. In addition, there were 261,214 non-banking mobile trojans found.
“As a comparison, from 2004 to 2013 we detected over 10,000,000 malicious installation packages; in 2014 the figure was nearly 2.5 million,” said Kaspersky Labs researcher Roman Unuchek, noting the number of attacks increased dramatically staring in late June – a trend that lasted through the end of the year.
One reason behind the large number of attacks is the fact that most smart phones and other mobile devices either receive no or late operating system updates leaving the device vulnerable to attack, particularly to the number one threat of 2016, advertising trojans that exploit super-user rights.
“Root privileges provide these Trojans with almost unlimited possibilities, allowing them to secretly install other advertising applications, as well as display ads on the infected device, often making it impossible to use the smartphone. In addition to aggressive advertising and the installation of third-party software, these Trojans can even buy apps on Google Play,” Unuchek wrote.
Google Play also found itself at the center of the mobile malware problem. Cybercriminals favored, among many others, video and computer cleaner apps to spread Trojan.AndroidOS.Ztorg.ad and Trojan-Ransom.AndroidOS.Pletor.d. The former malware steals login credentials, while the latter is a type of ransomware. Some of the infected apps were downloaded many thousands of times.
Despite the huge number of attacks and amount of malware being spread, mobile malware was primarily a major problem in only certain countries. Bangladesh, Iran, Nepal and China had the highest ratio of attacks with at least 40 percent of all mobile device users in those countries being infected. Other top targeted nations included Indonesia, India and Russia.
However, when it came to mobile banking malware the most infected nation list looks much different. While Russia is the most impacted nation, Australia is second on the list followed by Ukraine, Uzbekistan and Tajikistan. South Koreans are also one of the top ten most attacked people.
Cybercriminals pushing mobile ransomware went after a much different demographic by following the money and hitting Germans, Americans, Canadians and the Swiss most often.