The latest ‘Threat Index‘ from security specialists Check Point makes for grim reading, especially for Android users, with warnings that HummingBad has returned to the overall top-three threats across all platforms, and has now infected a staggering 85 million devices globally.
And to make matters worse, Check Point said that its latest threat data research has revealed a 61 percent increase (almost two thirds) in the number of active malware families in the first half of 2016.
Indeed, in its June Threat Index report, Check Point detected 2,420 unique and active malware families attacking business networks in June, representing a 21 percent increase since April. Business networks and mobile devices are the most threatened, highlighting the scale of risk faced by internal IT teams.
But mobile malware is an increasing concern, as HummingBad is in third position, and thanks to its infection of 85 Android devices, is estimated to be generating $300,000 (£227,920) per month in fraudulent ad revenue.
HummingBad is thought to have been developed in China, and last month security firm Lookout warned that it controls around 10 million devices.
The malware, which is attached to infected versions of Facebook, Twitter, WhatsApp and Okta’s enterprise single sign-on app, installs a rootkit that allows it to remain in place even after a factory reset, Lookout said.
It puts into place applications that generate fraudulent advertising revenue, as well as other fraudulent apps.
The malware is believed to be developed by Chinese organisation called Yingmob, a highly organised group with 25 employees staffing four divisions that develop the malware’s components.
Other mobile malware causing concern is Iop, which is Android malware that installs applications and displays excessive advertising by using root access on the mobile device. The amount of ads and installed apps makes it difficult for the user to continue using the device as usual, warned Check Point.
But it is not just Android. Apple The third biggest threat to business mobile devices is XcodeGhost, which is a compromised version of the iOS developer platform, Xcode. It apparently injects malicious code into any app that was developed and compiled using it. The injected code sends app info to a C&C server, allowing the infected app to read the device clipboard.
“The sustained, significant increase in the number of active malware families targeting business networks during the first half of 2016 highlights the escalating threat levels that organisations are currently facing,” said Nathan Schuchami, head of threat prevention, Check Point
“Hackers are putting extensive effort into creating new, sophisticated malware families to defraud companies and steal data,” said Schuchami. “Organisations need advanced threat prevention measures on their networks, endpoints and mobile devices to stop these threats before they fall victim to them.”
AI-powered Reddit Answers allows users to access information based on Reddit posts, in move to…
Former co-developer of voice mode for OpenAI's ChatGPT launches WaveForms AI to make AI voice…
OpenAI releases Sora AI video-generation tool to ChatGPT Plus and Pro subscription users amidst concern…
Tesla to initially use human back-up controllers for company-owned robotaxi fleet at launch next year,…
Chinese government opens antitrust probe into Nvidia's $7bn acquisition of Mellanox, in move seen as…
Google Willow quantum chip makes significant improvements in error correction, moving quantum computing closer to…