October 21, 2014

Lookout: Mobile Threats on Rise, Finds First Attack Focused on U.S. Users

Mobile Mobile Security released their latest Threat Report today, pulling together data from 700,000 applications across 10 million devices from around the world. Their findings indicate that malware attacks and threats on the rise, up two 250% from where it was just six months ago. Lookout estimates that between a half million and one million users were affected in some capacity over the first half of the year.

A scary number to be sure, however to put things into perspective, remember that more than one half million Android devices are activated every single day. Our advice to readers has always been the same – don’t download stuff if it doesn’t smell right to you. And shy away from those random new “markets” that haven’t proven themselves.  Another step to take is to keep an eye on websites and links whenever you click them.  Sometimes these are not as advertised. Also, as a rule,  those of you living in the United States are generally not affected by these threats. Generally.

While Lookout’s figures tend to skew a bit outside of the United States (China, Russia and Eastern Europe), the security firm has found that a new threat, GGTracker, specifically targets U.S.-based users.  This malware has been found to sign users up to premium text messaging services with fees ($10-$50)  that show up on the monthly carrier bill.

Protect yourselves, kids.  Download and install Lookout or another mobile security app.  There’s nothing wrong with be a little safe with your smart phone.  As these handsets become more desktop-like and capable, the bad guys are finding new ways to exploit them

Read through to check out the full press release from Lookout Mobile Security.

Lookout Finds Significant Increase in Mobile Threat Activity in Past Six Months

First Threat Discovered that Targets U.S.-Based Android Users to Steal Money

San Francisco —August 3, 2011—Lookout Mobile Security, the leader in mobile security, today announced the results of its Mobile Threat Report, based on threat data from its Mobile Threat Network, which includes data collected from more than 700 thousand apps and 10 million devices worldwide. Lookout found that mobile malware has increased significantly, with Android users two-and-a-half times as likely to encounter malware today than just six months ago. Lookout estimates that between a half million and one million users were affected by mobile malware in the first half of 2011. At the same time, web-based threats which operate across platforms, have emerged as a significant part of the threat landscape with three out of ten mobile users likely to click on an unsafe link, including malicious and phishing links, over the course of a year.

New Threat Steals Money by Charging Users for Premium Rate Text Messages

GGTracker, discovered in June 2011, is the first known Android malware that specifically targets U.S.-based Android users. This malware signs users up for premium text message subscription services without their knowledge, charging $10 per service to a person’s phone bill. In some cases users were charged for multiple services with total charges ranging up to $50. Previously, these types of attacks mainly affected Android users in China, Russia and Eastern Europe. In addition to the monetary impact of the malware, GGTracker used new techniques to broadly distribute the malware including Malvertising.

Malware Developers Explore New Distribution Methods

During the first half of 2011, Lookout found that attackers repackage legitimate applications with malware, creating Trojan applications that appear to be legitimate, but in fact are malicious, and post them to app stores and download sites. More recently, malware writers are using new techniques to secure wide distribution. Attackers employ a tactic called Malvertising, whereby they use mobile ads to direct users to a malicious website that triggers an automatic download of malware. Additionally, Lookout saw the first Update Attack, in which an attacker first publishes a legitimate application with no malware, and once they have a large user base, they release an update that includes malware so the entire user base gets the updated infected application.

In the First Half of 2011 the Number of Malicious Apps Grew to 400

During the first half of 2011, the number of unique apps with malware found on markets and download sites grew from 80 to 400 apps. Two of the most prevalent threats, DroidDream and GGTracker, were regularly published in new apps over the first half of the year. During this period, the authors of DroidDream released more than 80 unique applications with variations of malware to take control of a user’s phone. Similar to DroidDream, the authors of GGTracker continue to publish new infected apps across app stores and download sites, bringing its total infected app count up to 15 since mid-June.

How to Stay Safe

“As mobile devices grow in popularity, so do the incentives for attackers,” says Kevin Mahaffey, CTO and co-founder of Lookout Mobile Security. “We’ve seen the prevalence and the level of sophistication of mobile malware attacks evolve significantly in the first six months of 2011. We expect this trend to continue as more and more people adopt mobile devices.”

As the frequency of mobile threats increase, people can take measures to stay safe:

· Only download apps from trusted sources, such as reputable app stores and download sites. Remember to look at the developer name, reviews, and star ratings.
· After clicking on a web link, pay close attention to the address to make sure it matches the website it claimed to be.
· Download a mobile security tool that scans every app you download for malware and spyware, and can help you locate a lost or stolen device. For extra protection, make sure your security app can also protect from unsafe websites.
· Be alert for unusual behavior on a phone. This behavior could be a sign that the phone is infected. These behaviors may include unusual text messages, strange charges to the phone bill, and suddenly decreased battery life.

About Lookout Mobile Security

Lookout is a mobile security company dedicated to making the mobile experience safe for everyone. Lookout delivers award-winning protection from the growing threats facing mobile users today including malware and spyware, phishing scams, data loss, and device loss. Lookout is cross-platform, cloud-connected and designed from the ground up to provide advanced protection for smartphones while remaining lightweight and efficient on the phone. With users across 400 mobile networks in 170 countries, Lookout is a world leader in smartphone security. Headquartered in San Francisco, Lookout is funded by Accel Partners, Index Ventures, Khosla Ventures and Trilogy Equity Partners. For more information and to download the application, please visit www.mylookout.com.