2014: The Year of Madware?



2013 has, as always, brought new security threats thanks to the ever-increasing world of cybercrime. We’ve seen Cryptolocker, a type of ransomware that originally targeted businesses, before moving on to attack the more lucrative (and easier) home PC market. It’s thought that the malware has now infected around a quarter of a million Windows PCs worldwide, with UK infections coming in just behind the US on the worst affected leaderboard.

According to Dell Secureworks: “a minimum of 0.4%, and very likely many times that” agreed to paying the ransom to get machine unlocked and further to this: “Anecdotal reports from victims who elected to pay the ransom indicate that the Cryptolocker threat actors honour payments by instructing infected computers to decrypt files and uninstall the malware.”

Add to this the news that the mastermind of the Mariposa botnet has been found guilty on charges of creating the botnet software, which helped others to launder money and carry out various criminal practices and it seems that we’re constantly playing catch-up when it comes to internet security.

It’s thought that Mariposa infected around 12.7m computers globally and the investigation into its creator Matjaz Skorjanc has been ongoing for five years. Skorjanc has been jailed for 58 months and ordered to pay a paltry £2,510 in fines, as well as having to “give up” a flat and car. A very lenient sentence for someone that created a botnet large enough to steal a huge amount of money, amongst other things.

So it’s not looking like malware is going anywhere in a hurry and for 2014, it makes sense that cybercriminals will be shifting their efforts towards smartphones and tablets. The Android OS is of course well known to be the most prone to infection.

A relatively new term to refer to mobile device infections is ‘madware’, a kind of adware that is aggressive by nature and was coined by Symantec to describe apps that use “aggressive ad libraries”. These collect user information, for the most part for targeting ads, but also create issues with browsers, notifications and changing icons.

“According to our report, users can expect the most madware when downloading apps from the Personalization category, followed by the Utilities & Demo category and the Racing Games category. This contrasts with the presence of malware, which is most likely to be found in the Photography, Arcade & Action Games and Entertainment categories,” Symantec said in its introduction to the Mobile Adware and Malware Analysis report.

Symantec also point out that the steady rise of “known malware” recorded a “four-fold increase” between June 2012 and 2013.

As Android is the main target for this (and other) kind(s) of malware, it could spell bad news for Android devices in the enterprise as BYOD also enjoys a steady increase in popularity. However, as Android is the most popular OS in the world, it could be a difficult problem to overcome, although it will also provide Windows Phone with a firm foot in the door when it comes to the use of consumer products in the workplace. Saying that, as Windows PC OS’ remain the most attacked when it comes to cybercrime, is the Windows Phone OS any better? For firms worried about security, it would still seem that the best option is either Apple, or the company supply of devices with strict policies in place for their use.



About Gregory D Evans

Gregory Evans is one of the worlds greatest security consultants. Go to http://GregoryDEvans.com for more details.
This entry was posted in Cell phone security, cyber, internet safety, Technology, wireless and tagged , , , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s