Over 60% of Android handsets at risk from malware: Trend Micro

Security firm warns UAE smartphone users of threats posed by cyber-villains

Tags: Cyber crimeTrend Micro IncorporatedUnited Arab Emirates
  • E-Mail
Over 60% of Android handsets at risk from malware: Trend Micro Cumulative discoveries of Android malware variants doubled in 2014.
By  Stephen McBride Published  March 18, 2015

Mobile malware variants continue to rise alarmingly in number, and cyber criminals have even found innovative ways to legitimise the malicious code they peddle, Trend Micro warned today.

In its latest Annual Security Roundup report, the company highlighted that over 60% of Android smartphones are at risk because they running on Android 4.3 or earlier. In 2014 cumulative discoveries of Android malware variants doubled, from 2.09m in the first quarter to 4.26m in the fourth quarter, according to the report.

At a media roundtable in Dubai, Trend Micro showed the ease with which non-technical users could find, subscribe to and use Web-based spyware. In a demonstration seen by ITP.net, Hani Abdel Qader, senior sales engineer, Trend Micro, took control of an Android-based smartphone that had not been previously rooted.

Qader proceeded to access almost every aspect of the phone, recording phone conversations, accessing SMS messages, and showing Web-browsing and location history.

He was able to record, with remarkable clarity, ambient conversations taking place in proximity to the compromised handset and play them back moments later. While recording was taking place, no warning was given by the handset, not even a blinking light.

Qader also showed how the command-and-control software could alert the cyber-criminal if the compromised handset entered a geographic radius defined by them.

The command-and-control hub works by sending out emails and SMS messages that try to convince the recipient to click a link. If they do, this will initiate a download of malware that will sit undetected on the device unless ferreted out by sophisticated cyber forensics. Success at this stage is a function of how effective the attacker's social engineering is, but once the user clicks on the link, the entire phone is open.

Continues on next page>>

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code