Mobile malware samples grew 14 percent during the fourth quarter of 2014, with Asia and Africa registering the highest infection rates, according to the latest McAfee Labs Threat Report released today by Intel Security.
The report also revealed that mobile app providers have been slow to address the most basic Secure Sockets Layer (SSL) vulnerabilities, such as improper digital certificate chain validation.
In September 2014, the Computer Emergency Response Team (CERT) at Carnegie Mellon University released a list of mobile apps possessing the weakness, including apps with millions of downloads to their credit.
Then in January this year, McAfee Labs tested the 25 most popular apps on CERT's list of vulnerable mobile apps that send login credentials through insecure connections and found that 18 still have not been patched despite public disclosure, vendor notification, and in some cases, multiple version updates addressing concerns other than security.
McAfee Labs researchers simulated man-in-the-middle (MITM) attacks that successfully intercepted information shared during supposedly secure SSL sessions. The vulnerable data included usernames and passwords and, in some instances, login credentials from social networks and other third-party services.
Although there is no evidence that these mobile apps have been exploited, the cumulative number of downloads for these apps ranges into the hundreds of millions. Given these numbers, McAfee Labs' findings suggest that the choice by mobile app developers to not patch the SSL vulnerabilities has potentially put millions of users at risk of becoming targets of MITM attacks.
"Today, smartphone users in Asia spend a good majority of their mobile media time using mobile apps. With the fast-rising vulnerability of these apps, it is crucial for developers to step up and take greater responsibility for the security of mobile device usage to protect users," said Alvin Tan, Country Manager for Intel Security Singapore, Philippines and Vietnam.
Another Q4 development followed closely by McAfee Labs was the rise of the Angler exploit kit. Researchers saw cybercriminals migrate to Angler in the second half of 2014, when it surpassed Blacole in popularity among exploit kits.
According to the researchers, Angler employs a variety of evasion techniques to remain undetected by virtual machines, sandboxes, and security software, and frequently changes patterns and payloads to hide its presence from some security products.
This crimeware package contains easy-to-use attack features and new capabilities such as file-less infection, virtual machine and security product evasion, and the ability to deliver a wide range of payloads including banking Trojans, rootkits, ransomware, CryptoLocker, and backdoor Trojans.