Category Archives: malware alert

Google’s Android Market Website May Change Phishing, Malware Distribution

Google recently made it easier for its mobile customers to download apps on their computer and install them on their mobile phones. In this same update, the company also made it much easier for their mobile customers to transfer and spread malware, according to a recent report from security research firm Sophos.
Google updated the website for its Android Market, allowing users to download apps on their computer and access them on their mobile devices. This enhances the app downloading experience by providing additional information, through a website accessed on a larger PC screen, and offering a website for the Android Market to customers who may prefer a website format over an app.
Vanja Svajcer, principal virus researcher at SophosLabs, examined the new Android Market website for security and protective standards, downloading a popular game also available on the iPhone. According to Svajcer, Google is generally secure in its standards for downloading apps, providing permission requests designed to ensure the user is aware of everything he or she downloads. Early in the investigation, these standards appeared prevalent and functional in the Android Market website, according to Svajcer.
“The most important security aspect of the installation process on Android are the permissions an app requires on a device after the installation. Android users should particularly carefully read the required permissions before they install any applications, from the official Android Market or any other source,” Svajcer wrote in a recent company blog post. “As expected, the web-based Android Market displays the required permissions so that the user can make an informed decision about whether to install the application.”
This process is flawed on the new system, according to Svajcer, because of an exploit Google researchers have been aware of since last year. Because the system begins downloading an application as soon as the user clicks the install button on the website, the INSTALL_ASSET intent vulnerability, discovered by Jon Oberheide last year, could facilitate the distribution of malicious mobile web apps.
“In summary – if someone managed to steal your Google password they could trick your Android smartphone into installing software, without you having to grant permission on the device itself,” Svajcer wrote.
This vulnerability, and its presence on the new Android Market website, is presenting an entirely new dynamic in phishing and password strength for Google users.
“The result of all this is that a Google password suddenly becomes even more valuable for potential attackers, and I would not be surprised to see even more Gmail phishing attacks as a consequence,” Svajcer wrote. “In future, however, the phishers’ intention may not be to use stolen account credentials for the purposes of sending spam but to install malware on the user’s Android devices instead.”
Mobile malware, which grew 33 percent last year, is set to become more complex and common in 2011, according to AdaptiveMobile.


Finally Fast News: Smartphone Malware Explosion

Finally Fast News:

This year, smartphones have finally emerged as a mainstream technology for both consumer and enterprise use. Accordingly, smartphone malware has emerged as a top security threat, according to a recent study.

Mobile security firm AdaptiveMobile recently released its statistics on malware infections aimed specifically at smartphone users in 2010, finding a 33 percent increase from 2009. The fast growth in smartphone malware this year has brought the market to its highest level in history, creating an entirely new front for the battle against cyber crime.

“With the increasing pervasiveness of smartphone devices, 2010 has undoubtedly been the year that fraudsters have truly turned their attention to mobile platforms,” Gareth Maclachlan, chief operating officer at AdaptiveMobile, said.

According to Maclachlan, new smartphone malware creates two issues in the web security industry. In addition to developing new mobile security products, the industry also must expand education on safe web behavior beyond just malware directed at computers.

“The vast majority of consumers are acutely aware of the threats that PC-based viruses, spam messages and phishing emails pose, but many are still unaware of the risks associated with their mobile devices,” Maclachlan said.  Companies like Finally Fast and Ascentive have been combating online threats for years, but smartphone threats are a whole new can of worms.

Most new smartphone malware has been directed at the fastest-growing mobile operating system – Google’s Android. According to AdaptiveMobile, malware designed to infiltrate Android devices has grown four-fold since the beginning of 2010. Because cyber criminals generally focus on the largest targets, it is no coincidence that Android has been the fastest-growing mobile operating system in the smartphone market this year.

Interestingly, as Apple’s iPhone growth has remained steady throughout the year and its rapidly growing iPad tablet is based on the same mobile OS as the latest iPhone, malware targeting Apple devices declined this year. Others, such as Nokia’s Symbian operating system, also witnessed as much as 11 percent decrease in mobile malware. This could be the result of the malicious focus on Android.

However, a 45 percent rise in malware aimed at Java-based applications reveals growing sophistication in mobile malware, which Maclachlan expects to continue through next year.

“Whereas the majority of existing threats target either SMS, voice, email or web, the next year will see the emergence of the ‘compound threat’ – intelligent scams designed to exploit multiple phone capabilities in order to reap maximum reward for the criminals, before the user even realizes they have become a victim,” he said.

These trends are expected to continue to grow as the smartphone market gets larger. According to Cisco, smartphones will make up 44 percent of the U.S. mobile phone market and 36 percent of that in Europe by 2012.


Bad Santa: Holiday Malware “Gifts”

Internet Security Update  from PC Prima:

Just as retailers are preparing for the influx of online shopping in time for the holidays, cyber criminals are launching a growing amount of email-borne malware attacks aimed at less tech-savvy online shoppers, according to recent Google research.

Google studied spam email during the third quarter this year. Although overall spam was down from the previous quarter, the study showed a 10 percent increase from the same period last year.  Officials attribute much of the overall decline to increased government pressure on cyber crime.

A recent case in Russia eradicated the world’s leading email spam provider, Spamit.com, bringing the global spam count down significantly. Spamit.com was the backbone for most spammers, offering a service that sold code and email spam tools to bombard inboxes with false pharmaceutical messages. After Russian authorities launched the investigation, the website’s ringleader went missing and is believed to have fled the country.

Also, an international sting on botnets has eliminated some of the most dangerous spam attacks in the world. More than 100 cyber criminals in Europe and the U.S. were arrested last month, temporarily eliminating the source for the massively successful Zeus botnet.

However, the profit potential for scamming the vast number of unsuspecting, and typically uneducated, internet users that shop online before the holidays was too much for cyber criminals to ignore. Google’s research indicates that new scams have emerged to replace those that have been arrested, and new techniques will make email spam and viruses more elusive.

“New botnets have sprung up to take their place. And, if the volume of spam was lower, it was also dirtier than in 2009,” a Kaspersky Labs report reads. “That may indicate a push to build out bot networks in advance of the holiday season, when many users go online to purchase gifts, and spammers are more likely to find success pushing their own wares.”  PC Prima, a German anti-malware provider, reports that this international problem requires constant attention and updates to existing internet security solutions.

Among the new trends include using  recycled emails for spam messages carrying malware. According to the research, this trend has been successful because spam filters on most email products use an automated system to recognize text typically found in spam messages. By using emails that were initially used for other purposes, spam messages get their messages around these roadblocks, attaching a malicious link to target an unsuspecting user.

Other, more recent research has found that Google is cracking down on email borne cyber crime. Web Host Industry Review studied Google’s response to an influx of malicious sites, revealing a more strict policy on malicious sites found on the company’s search engine.

“To this end, we’re finding that Google is putting sites on the black list for a longer period of time,” Jason Remillard, founder and president of the Web Host Industry Review, wrote on the company’s website. “We’re seeing the same results with the other SEs and the requisite browser instances of the blacklist tables.”

Because cyber criminals have evaded international legal authorities’ anti-malware efforts, they are just as likely to avoid Google’s restrictions. To safely shop online this holiday season, security experts advise consistently updating antivirus software to protect against the latest cyber crime developments.

To update your anti-virus software, visit Clutter Free PC, or try our new German internet security solution, PC Prima.


Ascentive Alert: Beware of Scareware Scams!

A High-Priority Alert From Ascentive:

Cyber criminals are flocking to scareware scams. Recent research has found 40 percent of all false anti-malware solutions in the wild were created this year.

PandaLabs’ research found more than 5.6 million scareware scams in the wild. Nearly 2.3 million of these were launched between January and October of this year. Scareware, also known as rogueware, has only been known on the internet for four years, signifying a sudden jump in the trend, as cyber criminals continue to look for new ways to target unsuspecting PC users.

Rogueware’s rapid growth has propelled it into a much higher saturation in the overall malware market. According to the research, 46.8 percent of all computers were infiltrated by malware. Rogueware accounted for 10 percent of these infected devices.

These attacks are relatively sophisticated, with fake antivirus brands and formats designed to keep users from ever second-guessing their legitimacy. Specifically, the most successful scareware programs found in the study were SystemGuard2009, MSAntiSpyware2009 and MalwareDoctor, at 12.5 percent, 11.7 percent and 8.1 percent of the market, respectively. When users are presented with these programs, they generally trust them and, with their computer’s security in mind, download them willingly.  Reputable brands such as Ascentive‘s own Clutter Free PC and FinallyFast are fighting to catch malware scams wherever they hide, and it is a constant battle to defend against new attacks. However, these scams don’t stop here.

“Once they have infected a system, these applications try to pass themselves off as antivirus solutions that have detected hundreds of threats on the user’s computer,” PandaLabs explained in a recent release. “When the user attempts to remove the threats using the fake antivirus solution, they are asked to purchase the ‘full’ product license. Unfortunately, many people panic when they see this message and fall for the bait. Once they ‘buy the license,’ they will of course never hear from the ‘seller’ again, and the fake antivirus is still on their computer.”

The sudden popularity of rogueware scams may be a result of its widespread success. According to PandaLabs, rogueware has generated millions of dollars in revenues for the cyber criminals that create them. Not only do rogueware scams trick users into voluntarily loading malware onto their computers, they also persuade them to submit their credit card information. As result, cyber criminals are giving a computer through which they can further spread their scam, and can use the stolen credit card information to make purchases in the meantime. All the while, the user is under the impression that they purchased a legitimate security solution.

Worse still, fear of complex scareware scams may prevent consumers from protecting themselves against the very malware they most fear.  A representative at Clutter Free PC told us that disreputable companies have actually harmed consumers by making them frightened of all anti-malware software.  The results are chilling. 

Rogueware campaigns have recently made headlines. In order to prevent an infection, security experts advise users stick to trusted antivirus sources, regardless of the information presented by a lesser-known, potentially malicious antivirus provider.