Malware threats to Google's mobile operating system are on the rise, and the spyware category saw sharp growth in the first few months of the year. Only those involving Android apps with private data appropriation software grew by 170%.
ESET's new report points to an increase in malware threats targeting Android applications in the first few months of the year, with a special focus on certain categories. The security company highlights spyware, which monitors user activities on the smartphone or tablet, and indicates a 170% growth in apps with software that steals private data.
ESET explains that spyware does not directly steal money from its victims, but that it takes over all the sensitive data it can, managing to access various functions of mobile devices such as audio and video recordings. But it warns thatthe sharp growth of spyware means that criminal actors are being able to find ways to monetize personal or business data via Android devices".
"In many cases, victims do not know when their stolen data will be used, and may be surprised years later, which in turn makes it difficult to determine how it happened. This means that it is likely that most people affected by the current spyware boom are still unaware that they have been victims of information theft.“, underlines an expert from ESET.
BUT: Investments in digital solutions in sub-Saharan Africa come with cyberextortion
Among the threats identified in 2022 are a variant of the Android/Spy.Agent Trojan that establishes full control over the device and its contents if the malicious app's permissions are accepted by the user. This was named as one of the top 10 Android threats recorded in the first four months of the year 2022.
AppCensus researchers also found several apps on the Google Play store that contained malicious code in order to collect phone numbers, email addresses and location data. These apps were still available and some were downloaded more than 10 million times before Google intervened.
Investigators linked these apps to a Panama-based company that, according to the Wall Street Journal, will be linked to a US defense contractor that offers cyberintelligence services.
In addition to spyware, ESET indicates that some threats on Android have grown in these months, such as scam apps (27,7%), clickers (31,6%) and SMS trojans (145,2%). In the opposite direction, adware and stalkerware seem to be decreasing, with the number of detections decreasing between the third quarter of 2021 and the first quarter of 2022 (-11% and -11,7%, respectively).
Banking malware also saw growth of 13,9% after a reduction in the previous period. One of the cases analyzed by ESET researchers was a campaign targeting customers of eight banks in Malaysia, with malware distributed through malicious applications downloaded from fake websites, but with a legitimate appearance.
ESET's report Threat Report Q1 2022, compiles the main statistics of the security company's detection systems and can be consulted online.
