Estimated malware infection

Based on information collected from more than 700,000 applications installed on more than 10 million devices, the folks at Lookout have released their first Mobile Threat Report.  This data shows that the threat of coming across malware has increased by as much as 250 percent in the past six months.  We want to make it clear that the huge majority of Android applications, both in the official Market as well as other sources, are completely legitimate and built by honest, hard working developers -- but malware, spyware, and various nasty bits of code are out there.  We've seen them out there, both real issues and overblown ones.

Now it is certainly in a company involved in mobile security's advantage to report this kind of situation, but it's always best to know exactly what we are facing out there in the wild internet.  That's where Lookout's Mobile Threat Report enters the picture, explaining the different types of security issues users are likely to come up against, and information about how to protect yourself against them.  Armed with this information, and a smattering of old fashioned common sense, you'll be better able to make the right decisions.  Hit the break to see Lookout's press release, and visit the source link to read the Mobile Threat Report in it's entirety.

Source: Lookout

Lookout Finds Significant Increase in Mobile Threat Activity in Past Six Months
 
First Threat Discovered that Targets U.S.-Based Android Users to Steal Money
 
San Francisco —August 3, 2011—Lookout Mobile Security, the leader in mobile security, today announced the results of its Mobile Threat Report, based on threat data from its Mobile Threat Network, which includes data collected from more than 700 thousand apps and 10 million devices worldwide. Lookout found that mobile malware has increased significantly, with Android users two-and-a-half times as likely to encounter malware today than just six months ago.  Lookout estimates that between a half million and one million users were affected by mobile malware in the first half of 2011.  At the same time, web-based threats which operate across platforms, have emerged as a significant part of the threat landscape with three out of ten mobile users likely to click on an unsafe link, including malicious and phishing links, over the course of a year.
 
New Threat Steals Money by Charging Users for Premium Rate Text Messages
 
GGTracker, discovered in June 2011, is the first known Android malware that specifically targets U.S.-based Android users.  This malware signs users up for premium text message subscription services without their knowledge, charging $10 per service to a person’s phone bill.  In some cases users were charged for multiple services with total charges ranging up to $50.  Previously, these types of attacks mainly affected Android users in China, Russia and Eastern Europe. In addition to the monetary impact of the malware, GGTracker used new techniques to broadly distribute the malware including Malvertising.
 
Malware Developers Explore New Distribution Methods
 
During the first half of 2011, Lookout found that attackers repackage legitimate applications with malware, creating Trojan applications that appear to be legitimate, but in fact are malicious, and post them to app stores and download sites. More recently, malware writers are using new techniques to secure wide distribution.  Attackers employ a tactic called Malvertising, whereby they use mobile ads to direct users to a malicious website that triggers an automatic download of malware. Additionally, Lookout saw the first Update Attack, in which an attacker first publishes a legitimate application with no malware, and once they have a large user base, they release an update that includes malware so the entire user base gets the updated infected application. 
 
In the First Half of 2011 the Number of Malicious Apps Grew to 400
 
During the first half of 2011, the number of unique apps with malware found on markets and download sites grew from 80 to 400 apps.  Two of the most prevalent threats, DroidDream and GGTracker, were regularly published in new apps over the first half of the year. During this period, the authors of DroidDream released more than 80 unique applications with variations of malware to take control of a user’s phone.  Similar to DroidDream, the authors of GGTracker continue to publish new infected apps across app stores and download sites, bringing its total infected app count up to 15 since mid-June.
 
How to Stay Safe
 
“As mobile devices grow in popularity, so do the incentives for attackers,” says Kevin Mahaffey, CTO and co-founder of Lookout Mobile Security. “We’ve seen the prevalence and the level of sophistication of mobile malware attacks evolve significantly in the first six months of 2011.  We expect this trend to continue as more and more people adopt mobile devices.”
 
As the frequency of mobile threats increase, people can take measures to stay safe:
 
·         Only download apps from trusted sources, such as reputable app stores and download sites. Remember to look at the developer name, reviews, and star ratings.
·         After clicking on a web link, pay close attention to the address to make sure it matches the website it claimed to be. 
·         Download a mobile security tool that scans every app you download for malware and spyware, and can help you locate a lost or stolen device. For extra protection, make sure your security app can also protect from unsafe websites.
·         Be alert for unusual behavior on a phone. This behavior could be a sign that the phone is infected. These behaviors may include unusual text messages, strange charges to the phone bill, and suddenly decreased battery life.
 
About Lookout Mobile Security
 
Lookout is a mobile security company dedicated to making the mobile experience safe for everyone. Lookout delivers award-winning protection from the growing threats facing mobile users today including malware and spyware, phishing scams, data loss, and device loss. Lookout is cross-platform, cloud-connected and designed from the ground up to provide advanced protection for smartphones while remaining lightweight and efficient on the phone. With users across 400 mobile networks in 170 countries, Lookout is a world leader in smartphone security. Headquartered in San Francisco, Lookout is funded by Accel Partners, Index Ventures, Khosla Ventures and Trilogy Equity Partners. For more information and to download the application, please visit www.mylookout.com.
 

Reader comments

Study shows that 'mobile threat activity' has risen significantly in past 6 months

15 Comments

Had anyone actually had Lookout catch something on their phone?
My coworker swears by it, but it always just says he's safe.

I have yet to download an app that's malicious, and yet to download something lookout flags as malicious. Maybe I'm just a smart downloader... Shrug

thats because 99.99% of the time you wont know its a malware or what not..

And as for this add im not supprise , thats what you get for gettign a OPEN sorce non copy right Android OS ....

man im glad i dint go Droid what a mess...

my one spelling mistake was to much for you’re 20poitn IQ to understand ? sorry.
and yes Android is the ONLY OS with malware.

glad you didn't go android?
Then why do you spend your time roaming Android forums? Are you just one of those naive apple users who need to look for anything negative about android to make you feel better? Sorry to break it to you but Android rocks and your just jealous your stuck in your apple contract. Apple is just for lazy people who want to let their OS control them instead of taking control of it for yourself.
They can take our lives, but they can never take our FREEDOM! Long live ANDROID!

First off. i HATE apple ALLOT more then Android . I use the new wp7

Second: im here cause i work in cell phones, and the Opposite of MOST people that do, i actually have product knowledge . so i spend time on WPcentral , Android central , crackberry , Iphone central and all does site . cause i like to be informed. Most people here talk smack and dont know shit ... probly like you guys.

third: they can take your FREEDOM with malware that give your phone virus and track personal Info. Zero freedom , t

so you can keep your ANDROID: enjoy --> malware , UI customize?(you mean copy other OS UI ) non stable OS , and Saturated 3marketplace OS ... With google`s LEAVE ALL OLD PHONES Behind policy.. yeah , enjoy your DRIOD. you can customize the home screen,.

but Seriously Every Android phone that is Sold has to pay Royalties to MS (Microsoft), so keep on buying ANDROID to support MS!! LMAO! i have nothing againts people buying Android , haha

and don’t use grammar or spelling as a comeback Please. Just make you sounds stupid. And as if you completely missed the point of the argument.

That's right.. Android is such a mess that it is the dominant mobile O/S, PERIOD. Over 500,000 new subscribers daily. You don't think the black hats are going to try to capitalize on this? The ratio of infection is surprisingly small, which is nod to the inherent security built into the Android platform. Does anyone remember Windows? Get real.

that’s cause people are stupid and don’t review or informed them self and just BUY what ever the rep at the store offers.

and more then 50% of Droid user arnt happy with the OS ... if you saw the latest Stats. so ok 500000new user 250000 regret it , HAHA

wow, your comments wreak of the same ignorance, wrong information & bias that you yourself complain that everyone else suffers from.

The os is very stable it just depends on the manufacturer skin that's added on top. The app market is growing at a healthy pace & all app stores have junk apps, & i highly doubt 50% of users are dissatisfied with their phones (maybe in your head they are, but I prefer a real source before I go making up facts).

I don't have time to write the book it would take to correct your statements, but next time don't go blasting people for the same mistakes your making yourself.

actually the 50% was talking from a survey they did int he US. and im not doing what others do , i look at stats and facts.. and its actually 47% not 50% but w/e

i dint say the APP store wasn’t growing . i said it had 3 market place cause the OS was saturated. Witch it is. Even google says it is. that simply because its Open source and OEM can add what ever they want to updates witch makes it non compatible with half the phones already on the market.

*the os is Very stable it just depends on the manufacture skin*

lmao , so what your saying its not Very Stable after all, only Some of them are…?!... I like it when my OS is stable no matter what I do to it.

and i wasn’t bashing people, i was defending my self from people bashing me for saying * i wasn’t surprise Droid had Malware and was the ONLY os with malware and that i was glad i dint get Android because of it.... and i gave them my points why i dint like Droid. I also mention that I support Droid sells cause 5-15$ goes to Microsoft lol. ( cause of copy rights with samsung, HTC ect.. )

you dont have time to write a book on the Facts i stated? that’s ok i wouldn’t read it any ways. i dont need some one telling the sky is red when its clearly blue

besides your atrocious spelling, grammar and reading comprehension, I highly doubt you read as many tech blogs as you say you do. Based on your utter lack of knowledge of Android and complete lack of reasoning skills, I suggest you go read some more blogs before trolling around and flaming about topics you know nothing about.

As for Android, we're doing just fine without your support. Actually we're doing so well that we're now even supporting Microsoft, whom apparently can't even support themselves with a decent mobile operating system.

Nice joke about not reading my book, but I realize now it wouldn't matter even if I did write it, cause no one on earth could write it clearly or simply enough for your lack of reasoning and astounding bias and ignorance to comprehend.

Thanks for your input, but judging by the overwhelmingly negative response to your comments, it's pretty obvious that you're wrong and no amount of discussion will help you realize that. So thanks again for trolling, it was fun, but I'm done feeding the trolls. Later

No offense, but it really is hard to understand "your points" with your 3rd grade english. I mean really, if you are that smart; common grammar shouldn't be out of your reach.

That being said, you have no experience in cell phones. You can tell that by the complete lack of knowledge you display every time you post.

Seriously pathetic.