Mobile porn, banking becoming increasingly tempting targets for malware authors

Malicious advertising has dropped and pornography surged as a proportion of key infection vectors for mobile users, according to new research into mobile malware that has also found more than 1.5m “malicious packages” were installed on mobiles during the third quarter.

The surge in infections from visits to pornography sites was observed within Blue Coat Systems' 2015 Mobile Malware Report, which found that more than 36 percent of visitors headed towards a malicious Web site had gotten there from a pornography site. This was more than double the 16.55 percent observed last year.

There was good news for those mobile users who don't visit pornography sites, however: the research also found that the percentage of visits to malicious sites coming from Web advertisements had dropped significantly, from nearly 20 percent in 2014 to less than 5 percent this year.

Malvertising has been an ongoing issue this year, with the likes of Yahoo, Google (twice) GameZone and Huffington Post among the many sites forced to remediate advertising hijacking.

The latest figures suggest an easing after record-high levels of malvertising were reported in June by security firm Invincea, although the discrepancy could be due to the Blue Coat report's focus on often stripped-down, mobile-optimised sites.

Yet with mobile ransomware growing “dramatically” over the last year and modern smartphones becoming increasingly powerful, “it was only a matter of time before more advanced cryptographic ransomware [such as the SimpleLocker Android ransomware]] started showing up on mobile devices,” the report noted.

The findings corroborate separate research from Kaspersky Lab, which has been warning about surging mobile malware for some time and this month reported that the company's mobile security products had detected more than 1.5m malicious packages – including 323,374 new malicious mobile programs – during calendar Q3. This represented a 10.8 percent increase over Q2 and 3.1 times the volume detected in Q1.

Much of this malware was designed to try to steal online-banking credentials, with the long-lived Upatre malware used in 63.1 percent of such attacks. “Most of the countries in the top 10 have significant numbers of online banking users, attracting cybercriminals,” the Kaspersky report warned, noting that the company's tools had blocked nearly 626,000 attempts to launch malware “capable of stealing money via access to users' online banking”.

The surge in mobile attack vectors should be a concern for any mobile user, Blue Coat CTO and senior vice president Dr. Hugh Thompson said in a statement.

Read more: ​Google applies DoubleClick filter to sideline ad injector business

“The implications of this nefarious activity certainly carry over to corporate IT as organisations rapidly adopt cloud-based, mobile versions of enterprise applications, opening up another avenue for attackers,” he said.

“A holistic and strategic approach to managing risk must extend the perimeter to mobile and cloud environments—based on a realistic, accurate look at the problem—and deploy advanced protections that can prioritise and remediate sophisticated, emerging and unknown threats.”


Want to know more?

Why not become a CSO member and subscribe to CSO's mailing list.

Get newsletters, updates, events and more right here.


Join the CSO newsletter!

Error: Please check your email address.

Tags Mobile pornMobile Malware ReportSimpleLockermalvertisingBlue Coat SystemsmalwareCSO Australia

More about Blue Coat SystemsCSOGoogleKasperskymobilesYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by David Braue

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place