FortiGuard Labs reports increase in Android adware between July and September, 2012

Infotech Lead India: FortiGuard Labs researchers reported an increase in Android adware between July and September, 2012.

The report said Zitmo (Zeus-in-the-Mobile) mobile banking Trojan is evolving into a botnet and Romanian hackers are performing large scale scanning for Web vulnerabilities.

In the last three months, FortiGuard Labs reported a surge in Android-based mobile adware with a volume of activity comparable to Netsky.PP.

FortiGuard monitoring systems detected two adware variants — Android/NewyearL and Android/Plankton — in the APAC and EMEA regions and four percent in the Americas.

These two adware variants cover various applications that embed a common toolset for unwanted advertisements displayed on the mobile’s status bar, user tracking through their International Mobile Equipment Identity (IMEI) number and dropping of icons on the device’s desktop.

“The surge in Android adware can most likely be attributed to users installing on their mobile devices legitimate applications that contain the embedded adware code. It suggests that someone or some group is making money, most likely from rogue advertising affiliate programs,” said Guillaume Lovet, senior manager of Fortinet’s FortiGuard Labs Threat Response Team.

FortiGuard Labs recommends paying close attention to the rights asked by the application at the point of installation. It is recommended to download mobile applications that have been highly rated and reviewed.

As banks and online merchants start two-factor authentication − through the use of an SMS code to bring the second authentication factor and confirm a transaction − Android and Blackberry users should be mindful anytime their financial institution asks them to install software onto their computing device.

FortiGuard Labs recommends conducting online banking from the original operating system CD. If that is not an option, users should install an antivirus client on their phone and desktop PCs and make sure they are updated with the latest patches.


[email protected]