In 2013 Android grew to a very large number: 87%. This was its share of the global smartphone market. It also grew to an even larger one: 97%. This was Android’s share of global mobile malware.
Unless you’ve had your head under a rock you’ll have noticed the latter is fast becoming the weapon of choice for Google’s rivals in attempting to curtail the former.
On paper it should. Android malware rose from 238 threats in 2012 to 804 new threats in 2013. What was the combined total of new threats for Apple iOS, BlackBerry OS and Microsoft Windows Phone in that time? Zero. The remaining 3% came from Nokia’s axed Symbian platform.
Android does account for 97% of all mobile malware, but it comes from small, unregulated third party app stores predominantly in the Middle East and Asia. By contrast the percentage of apps carrying malware on Google’s official Play Store was found to be just 0.1% and F-Secure acknowledges rigorous checks mean malware encountered there tends to have a short shelf life.
Strangely F-Secure didn’t reveal figures for Amazon’s Apps for Android store, but other third party Android stores didn’t fare so well. Mumayi, AnZhi, Baidu, eoeMarket and liqucn were found to have 6%, 5%, 8%, 7% and 8% malware penetration respectively and an appalling 33% of apps were infected in Android159. Repacked or faked games were the big target and since it isn’t difficult to taint an app with malware the message is simple: steer clear of third party app stores that don’t have the resources to effectively scan and police their libraries.
More on http://www.forbes.com/sites/gordonkelly/2014/03/24/report-97-of-mobile-malware-is-on-android-this-is-the-easy-way-you-stay-safe/
Friday, September 12, 2014
Feared Home Depot Breach Sparks More Interest in Backoff PoS Malware
“BackOff is not a particularly sophisticated Windows Trojan. It was simply re-purposed to run on Windows-based POS systems and capture credit card data from memory,” wrote Pat Belcher of Invincea. “In other words, BackOff should have been detected by standard Windows antivirus software. In fact, most large antivirus vendors had detection signatures in place for most variants within days of initial discovery in the wild.”
Merchants, he said, are either not running antivirus on the servers managing point-of-sale devices or they’re not being updated regularly. The end result, in Home Depot’s case, could be the largest retail data breach in U.S. history, dwarfing even Target. The Target breach happened during the course of a three-week period during the 2013 holiday shopping season and affected 1,800 Target locations. Experts believe the Home Depot breach could date back to April and affect 2,200 retail locations in the U.S. and others abroad.
Invincea’s Belcher says Backoff doesn’t behave much differently than other point-of-sale malware in that it scrapes payment card data from memory before it’s encrypted on the device. He said Backoff installs itself as a running service that runs at startup, meaning it will survive a memory-refreshing reboot.
“It’s a very small, simple, backdoor Trojan that is memory-resident, and listens on port 80 for command and control,” Belcher wrote. “It also hides information about itself by posing as an Adobe Flash Player update in the system registry. For once, malware doesn’t take advantage of a Flash vulnerability, but it tries to pin the blame on it anyways.”
Home Depot as of this morning has yet to confirm a breach, only adding that it has hired FishNet Security to help with the investigation.
- See more at: http://threatpost.com/feared-home-depot-breach-sparks-more-interest-in-backoff-pos-malware#sthash.fDfbeK9C.dpuf
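A defensive check for the two Backoff behaviours Belcher describes above (a startup entry posing as an Adobe Flash Player update, and a listener on port 80), written as an added example that is not from the article or from Invincea. The trusted directories, the port 80 allow-list, the record fields and every sample record are assumptions constructed for illustration.

```python
import ntpath

# Assumption: folders where a genuine Flash Player updater is normally installed.
TRUSTED_FLASH_DIRS = (
    r"c:\windows\system32\macromed\flash",
    r"c:\windows\syswow64\macromed\flash",
)
# Assumption: processes this host legitimately allows to listen on port 80.
ALLOWED_PORT80 = {"w3wp.exe", "httpd.exe", "nginx.exe", "system"}

# Constructed sample data: autorun/service entries and listening sockets.
SAMPLE_AUTORUNS = [
    {"name": "Adobe Flash Player Update Service",
     "image_path": r"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"},
    {"name": "Adobe Flash Player Update",  # placeholder path, not a real indicator
     "image_path": r"C:\Users\pos01\AppData\Roaming\placeholder\example_updater.exe"},
    {"name": "POS Terminal Agent",
     "image_path": r"C:\Program Files\ExamplePOS\posagent.exe"},
]
SAMPLE_LISTENERS = [
    {"process": "example_updater.exe", "port": 80},
    {"process": "w3wp.exe", "port": 80},
    {"process": "posagent.exe", "port": 8443},
]

def flag_fake_flash(autoruns):
    """Startup entries that claim to be Adobe Flash but run from an untrusted folder."""
    hits = []
    for entry in autoruns:
        label = entry["name"].lower()
        if "adobe" not in label or "flash" not in label:
            continue
        folder = ntpath.dirname(ntpath.normpath(entry["image_path"])).lower()
        if folder not in TRUSTED_FLASH_DIRS:
            hits.append(entry)
    return hits

def flag_port80_listeners(listeners):
    """Processes listening on port 80 that are not on the allow-list."""
    return [l for l in listeners
            if l["port"] == 80 and l["process"].lower() not in ALLOWED_PORT80]

def correlate(autoruns, listeners):
    """Images that both masquerade as Flash at startup and listen on port 80."""
    fake = {ntpath.basename(e["image_path"]).lower() for e in flag_fake_flash(autoruns)}
    listening = {l["process"].lower() for l in flag_port80_listeners(listeners)}
    return sorted(fake & listening)

if __name__ == "__main__":
    print(correlate(SAMPLE_AUTORUNS, SAMPLE_LISTENERS))
```

Either signal alone is worth a look on a point-of-sale host; the overlap of the two is the higher-confidence lead.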