Mobile users have again been warned against the risks of mobile malware as the number of attacks reaches a worrying high.
Researchers at security firm Check Point found that malware variants such as HummingBad, Conficker and Sality made the first three months of 2016 a bad one for mobile users, but an encouraging time for cyber-criminals.
Overall, Check Point identified 1,300 unique malware families during March, a slight decrease on the previous month, but an indication of the sheer scale of threats facing mobile users.
However the firm found the UK was the 91st most attacked country globally during March (down from 74th in February), suffering more attacks than the USA (98th), but less than Germany (71st), Spain (52nd) and France (46th).
The HummingBad malware, which was first discovered back in February and initially spread via malicious ads displayed on pornographic websites, was found to be the largest mobile malware family in 2016 so far.The malware is particularly evil as it establishes a persistent rootkit on the device, installs fraudulent applications, and enables additional malicious activity such as installing a key-logger, stealing credentials and bypassing encrypted email containers used by enterprises.
Making up the top three malware families in Q1 2016 were AndroRAT, which can bundle itself with a legitimate mobile application to install without the user’s knowledge, allowing a hacker full remote control of an Android device, and IOP, which installs applications and displays excessive advertising by using root access on the mobile device, making the device impossible to use.
“Following its surprise entry into the top ten malware families worldwide in February, attacks using HummingBad are continuing to grow in volume,” Nathan Shuchami, head of threat prevention at Check Point.
“The fact that this previously unknown threat is already in the top ten global malware families for the entire first quarter of 2016 indicates just how real, and fast- growing the mobile malware danger is. Organisations’ dependence on mobile devices grows every day, but mobile security still lags a long way behind network security. The need to apply effective protection to enterprise mobiles is now more urgent than ever.”