The latest ‘Threat Index‘ from security specialists Check Point makes for grim reading, especially for Android users, with warnings that HummingBad has returned to the overall top-three threats across all platforms, and has now infected a staggering 85 million devices globally.
And to make matters worse, Check Point said that its latest threat data research has revealed a 61 percent increase (almost two thirds) in the number of active malware families in the first half of 2016.
Indeed, in its June Threat Index report, Check Point detected 2,420 unique and active malware families attacking business networks in June, representing a 21 percent increase since April. Business networks and mobile devices are the most threatened, highlighting the scale of risk faced by internal IT teams.
But mobile malware is an increasing concern, as HummingBad is in third position, and thanks to its infection of 85 Android devices, is estimated to be generating $300,000 (£227,920) per month in fraudulent ad revenue.
HummingBad is thought to have been developed in China, and last month security firm Lookout warned that it controls around 10 million devices.
The malware, which is attached to infected versions of Facebook, Twitter, WhatsApp and Okta’s enterprise single sign-on app, installs a rootkit that allows it to remain in place even after a factory reset, Lookout said.
It puts into place applications that generate fraudulent advertising revenue, as well as other fraudulent apps.
The malware is believed to be developed by Chinese organisation called Yingmob, a highly organised group with 25 employees staffing four divisions that develop the malware’s components.
Other mobile malware causing concern is Iop, which is Android malware that installs applications and displays excessive advertising by using root access on the mobile device. The amount of ads and installed apps makes it difficult for the user to continue using the device as usual, warned Check Point.
But it is not just Android. Apple The third biggest threat to business mobile devices is XcodeGhost, which is a compromised version of the iOS developer platform, Xcode. It apparently injects malicious code into any app that was developed and compiled using it. The injected code sends app info to a C&C server, allowing the infected app to read the device clipboard.
“The sustained, significant increase in the number of active malware families targeting business networks during the first half of 2016 highlights the escalating threat levels that organisations are currently facing,” said Nathan Schuchami, head of threat prevention, Check Point
“Hackers are putting extensive effort into creating new, sophisticated malware families to defraud companies and steal data,” said Schuchami. “Organisations need advanced threat prevention measures on their networks, endpoints and mobile devices to stop these threats before they fall victim to them.”
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…