Kaspersky Lab has published its IT Threat Evolution Report for Q2 2013, which analyses IT security incidents and trends. According to the report, mobile malware was the most significant statistical category for the second quarter, in both quantity and complexity. Not only are cybercriminals developing more malware targeting mobile platforms, they’re also advancing the programs’ capabilities and behaviours. In addition to mobile malware, cybercriminals focused heavily on implementing campaigns designed for illegal bitcoin mining and theft as the digital currency’s value rapidly increased during the second quarter. With mobile malware, the malicious code is modified to infect legitimate mobile applications. The common procedure for cybercriminals is to download legitimate applications and modify them by adding the malicious code. Cybercriminals then redistribute the modified” and now malicious – applications to sites where they can be downloaded by users, such as third-party app stores. Malicious code samples are being inserted into the modified applications using cloud-based technologies, heuristics and antivirus signatures. While the most prevalent mobile malware category has traditionally been SMS-Trojans, this trend declined in the second quarter as Trojans designed for mobile platforms started to incorporate more capabilities and flexibility. In the second quarter, Backdoor Trojans had the largest amount of modifications added. In terms of mobile malware capabilities, cybercriminals are now adding obfuscation techniques to evade analysis while frequently compiling programs that carry multiple payloads, which can generate money using several types of illegal business models. New variants can also extract larger amounts of stolen data from users’ devices while also being able to download and install additional malware onto infected devices.
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.