Android smartphone owners are at high cyber risk. Mobile Security: Although the attacks are fewer, they are much better executed. Two malicious apps per minute threatened Android users in the past year. There is no end in sight.
When it comes to Android malware, cybercriminals are currently looking for quality over quantity. The current Mobile Security Report from G DATA CyberDefense shows that the downward trend of the first half of 2022 continued in the second half of the year. In the past year, attackers only published two to three apps with malware every minute. The year before, the average was five.
Android: 2 to 3 new malicious apps per minute
One reason for this: After the outbreak of the Ukraine war, the focus of many attackers was and continues to be on larger systems such as universities or companies. Cyber criminals repeatedly succeed in infiltrating devices with the Android operating system in ways that have been known for a long time: attackers gain access to their victims’ mobile devices via phishing or smishing or disguised as a legitimate application.
"Cyber attacks on smartphones are aimed at both private individuals and companies," says Stefan Decker, security researcher in the mobile team at G DATA CyberDefense AG. “Although mobile device manufacturers invest heavily in protection, the number of malicious apps is worrying. Users often lack the awareness and knowledge to recognize potential dangers. You tap on a link too carelessly and your own smartphone is already infected.”
Mobile malware classics
On the list of the most frequently found Android malware families are "Android.Trojan.SpyMax" and "Android.Trojan.Boxer". Both Trojans have been active since 2019 (SpyMax) and since 2016 (Boxer) and have caused high levels of damage. The banking Trojan “SpyMax” gets onto smartphones via phishing or smishing, i.e. via emails or SMS. Once installed, the malware reads information from the device and installed applications, such as online banking credentials. The Boxer Trojan hides in legitimate applications such as a QR code scanner and gets onto the smartphone during installation. He then unnoticed sends paid SMS or takes out paid subscriptions via SMS - to the financial loss of the owner.
Standard tip: don't open links directly
“Users should not open any links from an e-mail or SMS directly, but call up the website directly in their browser,” recommends Stefan Decker. "In addition, users should find out more about the app before installing it, check the required permissions and restrict them if necessary. Last but not least, an up-to-date security solution offers extensive protection and exposes smartphone malware infections.”
More at GData.de
About G Data With comprehensive cyber defense services, the inventor of the anti-virus enables companies to defend themselves against cybercrime. Over 500 employees ensure the digital security of companies and users. Made in Germany: With over 30 years of expertise in malware analysis, G DATA conducts research and software development exclusively in Germany. The highest standards of data protection are paramount. In 2011, G DATA issued a “no backdoor” guarantee with the “IT Security Made in Germany” seal of trust from TeleTrust eV. G DATA offers a portfolio from anti-virus and endpoint protection to penetration tests and incident response to forensic analyzes, security status checks and cyber awareness training to defend companies effectively. New technologies such as DeepRay use artificial intelligence to protect against malware. Service and support are part of the G DATA campus in Bochum. G DATA solutions are available in 90 countries and have received numerous awards.