< Back to listing

Posted 9 mai 2022

Current overview of mobile malware

According to a report published by Proofpoint and conducted by the Ponemon Institute, the first quarter of 2022 is experiencing a huge increase in malware attacks on smartphones.  Malware have raised by 500% across Europe and North America. This trend haven’t been isolated and can be observed for several years. However, smishing  (phishing through texts) had reduced last winter but this didn’t turnover the trend.


Number of attacks on mobile users, 2019-2021Number of attacks on mobile users, 2019-2021 © Kaspersky


This turnaround has shown optimism for future before hacking started rising again,  in February 2022. This sudden drop can be explained by the complexity and diversification of malware; which were not necessarily less abundant but rather less detectable and therefore more dangerous for mobile end-users. 


Mobile malware reports show major spikes in FebruaryMobile malware reports show major spikes in February 2022 © Proofpoint


This surge, beyond the widespread use of distance work due to the global pandemic, can be explained by the vulnerability of Android and iOS systems, which has already been highlighted several times in the past. In 2021, there were no less than 574 vulnerabilities detected on Android mobile system, for example. Now, there are 130 - more than a quarter of the previous year's total on three months. Apple is also involved with 83 vulnerabilities at the moment. Apple is especially striving to strengthen its systems and carry out more strict controls within the App Store. In addition, iOS doesn’t allow the setup of an application via a third-party and unofficial source. For Android, on the contrary, Play Store operates in an open loop, allowing the user to download from multiple app shops, from the Internet.  It’s precisely this feature that compromises smartphones in just a few steps.


Find the video on cyber threats here https://youtu.be/ok9voQg3Q2g


Several types of malware :

Malware don't know borders and evolve regularly. In addition to the login details’ theft, geolocation, data deletion and the recording of audiovisual content are also damaging practices. The report precisely distinguishes 7 recurrent malware programs :

  • Flubot : Widespread in Europe and Asia since 2020. Spreads by accessing the device's contact list. The criminal can then send and read messages as well as make calls or steal passwords from applications.
  • TeaBot : Active in Europe, especially in the UK. Spreads through links inserted in text messages. Steals mainly banking data.
  • TangleBot : Identified in North America. Spreads via fake package delivery notifications. Access to user's camera and audio.
  • Moqhao : Detected in Asia until spreading in Russia, France and Germany. Deploys via fraudulent text messages sharing website pages in the target's language. Remote access to the smartphone.
  • BRATA : Present in Latin America and Europe. Records phone screen activity, application overlay, data theft.
  • TianySpy : Appeared in Japan, spreads via identity fraud.
  • KeepSpy : Sub-category of TianySpy. Controls Wi-Fi settings, stealing information...


Insight of mobile malware types, functionalities and regional spread © ProofpointInsight of mobile malware types, functionalities and regional spread © Proofpoint


So how do you protect yourself ?

More and more antivirus software are available and settled to the mobile format. Moreover, it's really necessary to learn how to optimize the use of your smartphone, especially by being aware of risks on internet browsing. Thus, Thales Cyber Threat Intelligence calls for vigilance when you receive an attachment or a link by text. First, don’t reply to the sender, as it may encourage him to repeat the attempt. Then, contact the "presumed sender" directly on the official website. Finally, you can report fraudulent numbers to your operator in order to ease the fight against attackers in the future. You can also configure your phone by combining protections such as a two-factor identification or regularly updated passwords.


To learn more about mobile protection, click here : https://www.ercom.com/solutions/cryptosmart-mobile


[1] 2022 State of the Phish Report - Stats, Trends & More | Proofpoint US //

Mobile Malware is Surging in Europe: A Look at the Biggest Threats | Proofpoint US