Mobile malware on the rise worldwide, ransomware hits the spotlight

According to Lookout, mobile malware is on the rise internationally -- while adware is slowly being taken under control.
Written by Charlie Osborne, Contributing Writer

Mobile malware has been talked about as a natural progression in cybercrime trends, but is yet to truly make its mark on devices. However, research from Lookout claims that mobile malware is on the rise, especially in terms of chargeware and ransomware.

The mobile security firm's new research is based on the analysis of security detections from a dataset of more than 60 million global users. Measurements given are based upon the percentage of unique devices that encountered particular threats across the last year.

The report says that while mobile malware is on the increase across the globe, an interesting facet of this trend is the geographical separation of different kinds of mobile malware. For example, chargeware and premium-rate SMS billing are more commonly found in Western Europe, whereas these kinds of billing mechanisms are often banned in the United States.

In 2014, however, new mobile threat tactics -- such as ransomware -- have become prevalent, as well as an increase in threat sophistication.

The security firm says that across 2014, there was an increase in mobile malware spotting of 75 percent in comparison to 2013, and this was often due to ransomware finding its way onto mobile devices through malicious apps. Ransomware packages such as ScareMeNot and ScarePakage finished in the top five most prevalent mobile threats in countries including the US, UK and Germany.

It is worth noting that mobile malware is still pretty rare, but any increase in these types of tactics to steal data or force the general public to part with their money is of note.


Another interesting facet of the report is that cybercriminals are experimenting with mobile device-based schemes. In one instance, the security researchers discovered a cyberattacker attempting to use compromised mobile devices for cryptocurrency mining.

Adware fell dramatically in 2014, according to Lookout. The company places this drop at the feet of Google, which has been cracking down on adware through search and the Google Play store.

Lookout detected a number of different types of mobile malware, including:

  • ScarePackage | Ransomware: Distributed as a drive-by download, this malicious code masquerades as an Adobe Flash update or anti-virus app before displaying a fake FBI message.
  • DeathRing | Trojan: Posing as a ringtone app, DeathRing downloads fake SMS content before trying to capture login credentials by impersonating trusted entities like banks.
  • CoinKrypt | Trojan: CoinKrypt infects mobile devices and uses their processing power to mine cryptocurrency.
  • ShrewdCKSpy | Spyware: Pretending to be an app marketplace, the malware runs in the background, intercepts and records SMS messages and phone calls, and then uploads them to a remote server.

In the US, ransomware such as ScarePakage, ScareMeNot, ColdBrother, and Koler dominated the mobile threat list in 2014, but we're likely to see more of the same in the year to come -- and with increased levels of sophistication.

Read on: In the world of security

Editorial standards