Trend Micro have released a new report that are focusing on mobile system malicious applications for the first quarter of 2012, the document state discovering approximately 5,000 new malicious Android application which poses a big threat for Android users.
Android smartphones infection scenario described by Trend Micro is pretty simple, victim opens a compromised website that may contain a new video and you need to click for watching this movie and as a result victim download the piece of malicious code and execute it directly on the smartphone.
The report includes some previous examples that have been posted on Trends blog and looks critical such as Fake “Temple Run” app, Fake Russian Google Play and Jeremy Lin the NBA Player case, there are also a classification of mobile malware that comes as follows:
- WORM_DOWNAD.AD with 740,977 infection
- CRCK_KEYGEN with 197,330 infection
- PE_SALITY.RL with 83,916 infection
Map of infected Hosts by Trend Micro (click to enlarge)
All malicious attacks are exploiting some critical vulnerabilities and Trends top three most vulnerable vendors for this quarter are Apple with 91 vulnerabilities, Oracle with 78 and Google with 73 but the most critical bug is Microsoft windows RDP which allow an attacker to execute a malicious code remotely without having any login credentials.
Social network website remain a threat that is hard to control as “Social networking accounts are even more useful for cybercriminals because besides plundering your friends’ email addresses, the bad guys can also send bad links around and try to steal the social networking credentials of your friends. There is a reason why there is a price for stolen social networking accounts.” David Sancho, Trend Micro Senior Threat Researcher
You can find the full report by following this link: