In its latest study, ESET points out that viruses and worms spreading through flash drives along with rise in malware targeting Android OS are the main trends of malware landscape in India in 2013. In its official statement, ESET adds that as per its last year’s report, malware for mobile phones was marked a main trend of 2012. This time, the researcher focused on malware for Android OS as the market share of Android mobile phones has been increasing dramatically.
During the first quarter of 2012, according to IDC statistics, the Google OS Android recorded a year-over-year rise of 145 percent in market share. Furthermore, Juniper in its whitepaper “Banking Anytime Anywhere” estimates that in 2013, the number of users accessing banking services from their smartphones will rise to 530 million. According to the same study, in 2011, there were only 300 million individuals who accessed banks from their phones.
Malware on Android to rise
“There are over 27 million smartphone users in India, according to different estimations. Though it comes to about only 3 percent of total mobile phone users in the country, we see the huge growth of smartphones’ usage. Moreover, even the majority of cheap handsets run Android OS. Although we didn’t register many cases of Android malware in India, comparing to some other countries, once Indian will start actively using their mobiles for online shopping, banking, etc. the picture will change immediately”, says Pankaj Jain, Director at ESET India.
Not only an exponential growth of mobile malware, but the fact that malware is becoming more complex, thus expanding the range of malicious actions they perform on an infected device makes it the main concern for security community in 2013. Going further, ESET highlights another trend: the malware propagation by means of removable storage devices is decreasing globally in favour of the use of an intermediary in order to attract new victims. Simply speaking, instead of compromising system through infected flash drives and other removable media, bad guys compromise web servers to host malware and then send out the hyperlinks leading the users to the malware.
Although throughout 2012, all detections related to INF/Autorun malware family, variety of malware using the file autorun.inf on Windows computers as a way of compromising a PC, have been steadily decreasing in India, this threat continues to dominate. That means USB flash drives are still an effective way of compromising computers. One of the reasons, according to ESET researchers, is that Indian users are still prone to using pirated software including OS itself along with pirated security software if at all the latter is installed on the system. Moreover, a very basic security practice as scanning removable media with security software is ignored by majority of Indian computer users.
The report, among its other trends, noted that SMS Trojans are the most common malware types for Android devices and the highest increase in the number of variants were represented by just two threats of this kind.
During 2012, out of the reports of all unique detections of malware designed for the Google operating system, the Android/TrojanSMS.Boxer.AQ Trojan tops the list. It is followed by Android/Plankton.H and Android/TrojanSMS.Agent.BY.Gen.
As long as this type of fraudulent business stays profitable and easy to implement for cybercriminals, it is likely that SMS Trojans will continue to be the most common mobile threat category during 2013.