by October 8, 2013 0 comments

According to Trend Micro’s Q2 2013 Security Roundup Report, the number of malicious and high-risk Android apps surged from 509,000 in the first quarter of 2013 to 718,000 in the second quarter. This volume is expected to exceed one million by the end of 2013.

The vulnerability allows installed apps to be modified without users’ consent. It further raised concerns about mostly relying on scanning apps for protection, along with the fragmentation that exists in the Android ecosystem. OBAD (ANDROIDOS_OBAD.A) also exploited an Android vulnerability. Once installed, OBAD requests root and device administrator privileges, which allow it to take full control of an infected device. This routine rings similar to PC backdoors and rootkits.

OBAD repeatedly shows popup notifications to convince users to grant permissions. It also makes use of a new obfuscation technique that renders detection and cleanup more difficult to do. The FAKEBANK malware spotted this quarter, meanwhile, spoofs legitimate apps. It contains specific Android application package files (APKs), which it copies to a device’s Secure Digital (SD) card.

Using the APK files, the malware displays icons and a user interface that imitates legitimate banking apps. This technique is reminiscent of PC banking Trojans that monitor users’ browsing behaviors and spoofs banking sites.

Trend Micro also found more fake antivirus (FAKEAV) malware this quarter that even more closely resembled legitimate ones. Targeted attacks found their way to mobile devices as well in the form of the CHULI malware, which arrives as an attachment to spear-phishing emails.

No Comments so far

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.

<