Some of the most noteworthy findings in the Kaspersky Lab “IT Threat Evolution Report for Q1 of 2015” involve mobile devices, Patrick Nielsen, senior security researcher at Kaspersky Lab, told SCMagazine.com in a Wednesday email correspondence.
In the first quarter of this year, Kaspersky Lab mobile security products detected 147,835 installation packages, 103,072 new malicious mobile programs, and 1,527 mobile banking trojans, according to statistics in the report.
Kaspersky Lab saw 3.3 times as many new malicious mobile programs in Q1 2015 than it did in the final quarter of last year, Nielsen said. He added that mobile ransomware saw a 65 percent increase in samples, and that mobile browsers accounted for 64 percent of mobile exploits.
Nielsen said that mobile malware is increasingly being used to target those who take care of banking on their devices, and that some mobile malware – such as Trojan-Banker.AndroidOS.Svpeng.f – has been observed uninstalling known antivirus products from Avast, ESET and Dr. Web.
“In terms of malware, iOS remains pretty safe, given the closed app ecosystem and the smaller global market share of iOS,” Nielsen said. “However, it's important to note that many kinds of malware are adopting social engineering as the primary method of compromise, and so iOS users should still be vigilant, particularly as iOS grows and becomes a more appealing target.”
Regionally, Russia easily topped the list of countries attacked by mobile malware, and it even more convincingly topped the list of countries attacked by mobile banker trojans, according to the findings.
“The overall theme, from desktop to mobile, is criminal financial gain,” Nielsen said. “Banking trojans that steal online banking credentials, whether from your computer or smartphone, are very common. Cybercriminals are getting smarter, and have new technology like Bitcoin to work with, as we're increasingly seeing with ransomware.”
Nielsen noted that, on the web, online banking threats showed a more than 64 percent increased in the first quarter of this year over the final quarter of 2014, and that many of the targets are in Brazil, Russia and the U.S.
“The whole software industry is moving toward browsers and “web tech,” so it makes sense that web tech is increasingly targeted,” Nielsen said. “The same functionality and portability advantages developers enjoy are also being enjoyed by cybercriminals. Browsers themselves are huge targets as well.”
Altogether, Kaspersky Lab products blocked more than two billion total attacks in the first quarter of this year, and the security company's solutions blocked nearly 470 million attacks launched from online resources – such as malicious scripts – located around the world.
Best practices for organizations and users include keeping all devices updated, being mindful of social engineering, disallowing third-party software, segregating sensitive devices from non-sensitive devices, and backing up systems, Nielsen said.