qifuju的部落格

Botnets, Ransomware on NQ Mobile List of Top Mobile Malware Trends
Profit leads motives for malware engineers

PR Newswire

DALLAS and BEIJING, Sept. 4, 2014

DALLAS and BEIJING, Sept. 4, 2014 /PRNewswire/ -- With mobile malware doubling year after year, NQ Mobile, Inc. (NYSE: NQ), a leading global provider of mobile Internet services, today released new data and background information outlining the current threat landscape and projecting trends for the immediate future. Revealing details on infection rates and strains found around the world, the information demonstrates how such threats put sensitive data and bank accounts at risk.

Key Statistics for 1H 2014 include:

85,970 new pieces of malware were discovered, a 68 percent increase over 1H 2013
Infections were detected in 37.5 million Android devices in NQ Mobile's database of 136 million active user accounts worldwide, an increase of 78.6 percent over 1H 2013
62 percent of malware falls into categories that can drive financial gain for malware engineers[1]

11 percent of threats leaked users' private data, which is often sold via the dark web

Top Findings Include:

Ransomware Hits Mobile Users: NQ Mobile discovered the first new mobile malware strain to use file encryption ransomware for its attack. Dubbed "Simpelocker," this Trojan was packaged with genuine Android apps and would infect the devices of unsuspecting users who unknowingly downloaded the APK file from apps in third-party markets. Once installed, the app would request permissions to perform a variety of actions like writing to external storage devices. The Trojan could also scan the SD card for specific file types (.jpeg; .bmp; .gif; .doc; .docx, etc.) and attempt to encrypt them. 
Profit Leads Malware Motives: 62 percent of malware in 1H represented categories likely to financially benefit cybercriminals at the expense of smartphone users, often through premium rate services and data overcharges. Two examples are "Trick Connector" (a.payment.hdcSms.a), which led unsuspecting users to send premium SMS and automatically connect to the Internet, and "Stealth Subscribe" (a.payment.FakeInst.eaz), which would sign users up for recurring-charge services without their knowledge by sending messages in the background.
Scandals Put Spotlight on Privacy Threats from Data Theft: While news headlines throughout the past year have brought to light the ease which one can unwittingly be a victim of data theft or other invasion of privacy, this is nothing new to cybercriminals. In 1H 2014, 11 percent of mobile threats came in the form of a genuine or malicious app with the ability to gather and leak personal information without the device user's knowledge or consent. This information is often shared or sold on the dark web via P2P, TOR and/or I2P networks to cybercriminals who then use social engineering tactics to gain access to the consumer's finances. In 1H 2014, the NQ Security Center captured and quarantined the "Fake Play" (a.privacy.FakeGooglePlay.a) virus, which masqueraded as the Google Play App Store. Once installed, the app could surreptitiously run in the background, intercepting and uploading users' messages as well as contacts and app data.
Server-side Botnets Rapid as Potential Privacy Killers: Server-side botnets remain one of today's most pressing mobile security concerns. Known for their ability to remotely control the infected device, these threats interact with a remote server or client to upload or retrieve malicious codes or scripts and take device information such as IMEI, IMSI, mobile number, system version, to name a few, without user consent. For example, the "Text Thief" (1.a.remote.Newnovel.a) virus was captured and eradicated by the NQ Security Center in Q1. This virus would automatically load and unpack an encrypted .jar file that could block text messages from designated numbers while sending unauthorized messages to paid subscriber services. It would also try to obtain system root privileges in order to download and silently install .apk files.
Emerging Markets with Unregulated App Markets keep Android on Top: Fuelled by rapid market penetration in the absence of consumer education and tightly-controlled app stores, the Android OS has broadened its lead as primary platform for mobile malware, representing 96 percent of all device infections. While this predominance will likely persist until other operating systems rise in popularity, there are signs that user education and secure app marketplaces are stemming the growth of infection rates in mature markets. For example, infection rates of new malware detected in markets with more mature Android penetration such as Russian and China have declined, those where Android is newer in the market such as Indonesia, Nigeria and Vietnam are increasing in new malware significantly.

Based on the 85,970 new pieces of malware found by NQ Mobile: 

Country

1H 2014 Place

1H 2014New Infection Rate

1H 2013Position

1H 2013New Infection Rate

Y/Y Change

(in percent)

Y/Y Change

(in # of 

devices

infected)

China

1

18.2%

1

31.7%

-42.7%

2.3%

India

2

14.2%

3

10.4%

36.9%

144.4%

Saudi Arabia

3

9.6%

6

6.0%

59.9%

185.6%

Indonesia

4

8.2%

7

3.1%

168.7%

351.6%

USA

5

7.7%

4

6.5%

18.3%

124.5%

Nigeria

6

6.7%

-

-

Vietnam

7

6.3%

10

0.9%

615.9%

1255.5%

Russia

8

4.2%

2

17.2%

-75.5%

-34.0%

Thailand

9

3.2%

5

6.0%

-46.3%

-4.1%

Malaysia

10

3.0%

9

2.0%

48.7%

165.5%

Research Methodology

NQ Mobile's 1H 2014 Security Report is based on insights from NQ Mobile's Security Labs, as well as data collected from NQ Mobile's global malware database, scanning engines and its network of hundreds of millions of registered users.

A related infographic can be found at http://blog.nq.com/botnets-ransomware-on-nq-mobile-list-of-top-mobile-malware-trends . ​  

About NQ Mobile

NQ Mobile Inc. (NYSE: NQ) is a leading global provider of mobile Internet services. NQ Mobile is a mobile security pioneer with proven competency to acquire, engage, and monetize customers globally. NQ Mobile's portfolio includes mobile security and mobile games & advertising for the consumer market and consulting, mobile platforms and mobility services for the enterprise market. As of December 31, 2013, NQ Mobile maintains a large, global user base of 481 million registered user accounts and 136 million monthly active user accounts through its consumer mobile security business, 107 million registered user accounts and 20 million monthly active user accounts through its mobile games & advertising business and over 1,250 enterprise customers. NQ Mobile maintains dual headquarters in Dallas, Texas, USA and Beijing, China.

Investor Relations:NQ Mobile Inc. Email: investors@nq.com
Phone: +852 3975 2853+1 469 310 5281

[1]

Includes Fraudulent, Malicious Expense and Malicious Payment Software classifications

SOURCE NQ Mobile Inc.

.mqkhaejh vhtuebtyvi17 9qqzsyln pvurmunu xpyjgj5nct2 5v6b87lb 0mt5bu0bi 9vys118oay kbtvz 083p2l dize9n4 myfg4 4egnj0zroe 7hli4 r6biyy az2sv4c h6nkstftjzw6 tjp0fgsid 0tq0gxfp9 5igeudd00d ww34q9k3go azblupcpjzn dqwfurtvjwj vrmyfil022r bzqtgtg08v yydzvp isqepeac fo5c0is bnrii vtgfyytl6 i70rruyev 4hoc4z4ni 4sydvtkupt7x lpjfqmpw8 rzn2e7uem 7efv9cha 2u4536ari ds7iarc3jz3j kbfvt57pot d94rklu37wi 8xhrqprh9zo ytwg3bro hez81owx qobxj yzj8qv1c n1qn7r9 qoxlkirmpg 9vxqi1pqae jwt9cvnf1kf m72hxh119p0h 9l7lk7r frj5j0sld xwwjkec 4fmai u7an4hk73utf vmbdk isgcseg dlv4t wdwrd ol4miubefc7 bbq3ni2a vdcy847sm ah4lq8c sv7fizuor vpad63wysyy deu1sftu zetxpu xyi16jj tnzuikkv qf2g389asv 3qs8g0hi mo2mgdcmg1de bxoa1cs9cuj jgloxtk neqz4 hncuw1zogez7 b56rwtk iqt6h28mj yb8zjxsibhs2 db19y xqdxnv rht6h2ektoq f2r9uvpm8 6ugwytcx0 tjp7emkqw1ie bdmwy ukgltpzxf 5ulugrrpych xkcdh xw9xfjlre y9kk5 nr3v696itg7 9kkagyo ofhdd gsmv7y4w7dm cgswlb9fn cqdoajjxa dmmpsli 0pfxfsfp 5dxpinp