Mobile porn, banking becoming increasingly tempting targets for malware authors

Malicious advertising has dropped and pornography surged as a proportion of key infection vectors for mobile users, according to new research into mobile malware that has also found more than 1.5m “malicious packages” were installed on mobiles during the third quarter.

The surge in infections from visits to pornography sites was observed within Blue Coat Systems' 2015 Mobile Malware Report, which found that more than 36 percent of visitors headed towards a malicious Web site had gotten there from a pornography site. This was more than double the 16.55 percent observed last year.

There was good news for those mobile users who don't visit pornography sites, however: the research also found that the percentage of visits to malicious sites coming from Web advertisements had dropped significantly, from nearly 20 percent in 2014 to less than 5 percent this year.

Malvertising has been an ongoing issue this year, with the likes of Yahoo, Google (twice) GameZone and Huffington Post among the many sites forced to remediate advertising hijacking.

The latest figures suggest an easing after record-high levels of malvertising were reported in June by security firm Invincea, although the discrepancy could be due to the Blue Coat report's focus on often stripped-down, mobile-optimised sites.

Yet with mobile ransomware growing “dramatically” over the last year and modern smartphones becoming increasingly powerful, “it was only a matter of time before more advanced cryptographic ransomware [such as the SimpleLocker Android ransomware]] started showing up on mobile devices,” the report noted.

The findings corroborate separate research from Kaspersky Lab, which has been warning about surging mobile malware for some time and this month reported that the company's mobile security products had detected more than 1.5m malicious packages – including 323,374 new malicious mobile programs – during calendar Q3. This represented a 10.8 percent increase over Q2 and 3.1 times the volume detected in Q1.

Much of this malware was designed to try to steal online-banking credentials, with the long-lived Upatre malware used in 63.1 percent of such attacks. “Most of the countries in the top 10 have significant numbers of online banking users, attracting cybercriminals,” the Kaspersky report warned, noting that the company's tools had blocked nearly 626,000 attempts to launch malware “capable of stealing money via access to users' online banking”.

The surge in mobile attack vectors should be a concern for any mobile user, Blue Coat CTO and senior vice president Dr. Hugh Thompson said in a statement.

“The implications of this nefarious activity certainly carry over to corporate IT as organisations rapidly adopt cloud-based, mobile versions of enterprise applications, opening up another avenue for attackers,” he said.

“A holistic and strategic approach to managing risk must extend the perimeter to mobile and cloud environments—based on a realistic, accurate look at the problem—and deploy advanced protections that can prioritise and remediate sophisticated, emerging and unknown threats.”


Want to know more?

Why not become a CSO member and subscribe to CSO's mailing list.

Get newsletters, updates, events and more right here.


Tags malwareBlue Coat SystemsmalvertisingCSO AustraliaMobile Malware ReportMobile pornSimpleLocker

Show Comments