Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Fortinet reports increase in mobile malware variants

Anuradha Shukla | Feb. 6, 2013
Shows methods used by cyber criminals to extract money from their victims.

Malware samples from FortiGuard Labs show how cyber criminals are extracting money from their victims.

Findings from FortiGuard threat landscape research for the period of 1 October - 31 December 2012 show increased activity in mobile malware variants of the Android Plankton ad kit and in hacktivist Web server vulnerability scanning. 

Fortinet notes four money making malware including Simda.B to watch for in 2013. Posing as a Flash update, this sophisticated malware lures users into granting their full installation rights.

Simda.B steals the users' passwords to harm their online payment system accounts, spread malware and infiltrate their email and social networking accounts.

FakeAlert.D is a fake anti-virus malware that will notify you that your computer has been infected with viruses. This pop-up window with this notification looks very convincing and the users are motivated to pay a fee for fake anti-virus software that promises to remove the viruses from their computer.

"While methods of monetising malware have evolved over the years, cyber criminals today seem to be more open and confrontational in their demands for money - for faster returns," said Guillaume Lovet, senior manager of FortiGuard Labs' Threat Response Team.

Increase in ransomware

Malware samples from FortiGuard Labs also indicate an increase in ransomware. Fortinet specifically notes Ransom.BE78, a ransomware, which prevents users from accessing their personal data.

Ransom.BE78 automatically installs itself on a user's machine and then demands payment to be removed from the system.

Zbot.ANQ is a Trojan that tricks users to install a mobile component of the malware on their smartphones. This component then helps cyber criminals to intercept bank confirmation SMS messages and transfer funds to a money mule's account.

"The basic steps users can take to protect themselves, however, have not changed. They should continue to have security solutions installed on their computers, update their software diligently with the latest versions and patches, run regular scans and exercise common sense," added Lovet.

FortiGuard Labs has also detected an increase in the distribution of the Android Plankton ad kit that suggests Android users are highly targeted.

Fortinet advises Android users to be especially vigilant when downloading apps to their smartphones.


Sign up for CIO Asia eNewsletters.