FireEye Discovers 6 Android Malware Variants

FireEye recently published a blog post detailing the discovery of six Android malware variants, ushering in the beginning of a new wave of Android malware that is more sophisticated than ever. The U.S. Cert Gov report  indicates that phishing attacks remain a consistent threat to U.S. Internet users. Data from industry partners shows 216,938 unique phishing attacks in 2012, hosted on 153,952 unique domain names. However, not all of these domain names were maliciously registered; many are simply compromised. This determination is generally made based on the past history of the domain; hacked domains have significant previous benign activity. In fact, based on the data provided, only 13,545 of the domains in 2012 seem to have been maliciously registered for the purposes of phishing

How it works:

The app masquerades as an "android security" app and, once it connects to the Command-and-control server, receives a list of phone numbers that are of interest to the malware author. If one of these numbers sends an SMS or makes a call to an infected device, the malware intercepts the message or call, suppressing any notification to the user. All SMS messages are logged into an internal database and sent to the CnC server.

Google’s Chrome Browser is highly prone to top malware threats. According to the U.S. Cert Gov report, As new vulnerabilities are discovered, the cybersecurity community constantly endeavors to stay ahead of malware developers. The reports states this is an arms race between software developers trying to design systems and applications that are not vulnerable to malware infection and the malicious developers trying to exploit said systems.

McAfee’s 2014 Threat Predictions Report indicated that mobile malware will be the driver of growth in both technical innovation and the volume of attacks in the overall malware “market” in 2014. More mobile malware expected and predicted this year. There will be more malware masquerading as legit apps, apps that will fleece consumer pockets and malvertising — real-looking ads that lead trusting souls to fraudulent sites.

Analysis of compiled data indicates that 7 .8 percent of consumer-grade users experienced a malicious software (malware) infection; 20 percent of infections were caused when the user clicked and installed the malicious software. In 2012, 7 .8 percent of consumer users experienced a malware infection, whereas enterprise users reported a 0 .7 percent infection rate during the same period.

According to FireEye, android malware variants are mushrooming. The company states that threats such as Android.HeHe and Android.MisoSMS reveal attackers’ growing interest in monitoring SMS messages and phone call logs, also serving as a stark reminder of just how dangerous apps from non-trusted marketplaces can be.

To learn more about the discovery, please read the report published on the FireEye Blog.