Mobile malware soared again in the first quarter of 2014 to reach the two million milestone, while online banking threats continued to thrive with the emergence of new malware families, according to Trend Micro
The internet security pioneer’s Q1 Security Roundup 2014, “Cybercrime Hits the Unexpected”, found that mobile malware and high risk apps reached the new milestone in just five years, despite having hit the one million mark less than 12 months ago.
The explosion of repackaged apps—those that have been maliciously tampered with to pass Android’s’ security features— helped contribute to the huge spike.
Trend Micro threat researchers also found that online banking malware continued to thrive with the emergence and modification of new malware families, each with different targets and varying anti-detection techniques.
However, first quarter numbers didn’t differ much from the same timeframe a year ago and only dropped from the previous quarter because Q4 is historically a busy time for cyber criminals pursuing online shoppers.
“This year’s first quarterly report sheds light into the cyber underground where creative cybercriminals continue to find new opportunities to commit their crimes,” said Raimund Genes, CTO, Trend Micro.
“To remain protected against these ever-evolving cyber threats, users must be diligent in using best practices when surfing the Web, especially when conducting online financial transactions.”
Other key first quarter findings include:
• Targeted Attack Campaigns and Cyber Attacks: Reports of PoS system infiltration in the United States, particularly in retail and hospitality, as well as insider threats targeting South Korean credit card companies highlighted the need for customised defence strategies.
• Digital Life and the Internet of Everything: A new-generation of exploits took the app ecosystem by storm this quarter. These apps cater to users’ desire to anonymously share content, send off-the-record messages, and share media. Along with observing more social engineering scams, several devices in the Internet of Everything (IoE) market were scrutinised, as security researchers exposed gaping vulnerabilities.
“Organisations continued to struggle with attacks that were targeted in nature, which could be directly aimed at the energy, financial, healthcare, and retail industries or critical infrastructure,” said JD Sherry, vice president of technology and solutions, Trend Micro. “It came down to a simple equation—high-value targets that promised massive payouts were compromised despite the determined efforts of organisations to protect their valuable information.”