According to a new report, Kaspersky Lab researchers have seen the number of attacks using malicious mobile software nearly double in just one year, with 116.5 million attacks observed in 2018, compared to 66.4 million in 2017. Despite more devices being attacked, the number of unique malware files has decreased, leading researchers to conclude that the quality of mobile malware has become more impactful and precise.
The channels through which malware is delivered is a key component of the success of modern threat campaigns. As dependence on mobile devices grows, both for business users and consumers, cybercriminals are paying more attention to mobile as an attack vector. Cybercriminals have steadily been increasing their use of mobile malware, aiming to take advantage of those who do not have security solutions installed on their phones.
The success of mobile distribution strategies is not only evidenced by an increase in attacks, but also by the number of unique users that have encountered this kind of malware. In 2018, the number of unique users facing mobile malware rose to 9,895,774 affected, an increase of 774,000 over the previous year.
Among the threats encountered, the most significant growth was in the use of Trojan-Droppers, whose share almost doubled, rising from 8.6 percent of malware observed in 2017 to more than 17 percent in 2018. This type of malware is designed to bypass system protection and from there, deliver all kinds of malicious files, from banking Trojans to ransomware.
Victor Chebyshev a security expert at Kaspersky Lab said that in 2018 mobile device users faced what could have been the fiercest cybercriminal onslaught ever seen. Over the course of the year, they observed both new mobile device infection techniques, such as DNS hijacking, along with an increased focus on enhanced distribution schemes, like SMS spam. This trend demonstrates the growing need for mobile security solutions to be installed on smartphones – to protect users from device infection attempts, regardless of the source.
Here are some key findings from the report on mobile malware evolution include:
1-In 2018, Kaspersky Lab products protected 80,638 users in 150 countries against mobile ransomware, with 60,176 mobile ransomware Trojan samples detected.
2-Researchers observed a fivefold increase in attacks using malicious mobile cryptocurrency miners in 2018.
3-In 2018, 151,359 installation packages for mobile banking Trojans were detected, which is 1.6 times more than in the previous year.
Kaspersky Lab security experts recommend the following tips for protecting mobile devices:
1-Only install mobile applications from official app stores, such as Google Play for Android devices or the App Store on iOS.
2-Block the installation of programs from unknown sources in your smartphone’s settings.
3-Do not bypass device restrictions, as this could provide cybercriminals with unlimited capabilities to carry out attacks.
4-Install system and application updates as soon as they are available, as they often include patches for recently discovered vulnerabilities. Never download mobile OS system updates from external resources (unless you are participating in official Beta testing). 5-Application updates should only be installed through official app stores.
6-Use reliable security solutions that offer comprehensive protection from a wide range of threats to mobile devices, such as Kaspersky Security Cloud.