October 24, 2012

Why Malware Writers Dig Russia and China

Our State of Mobile Security 2012 report highlighted several trends in a mobile economy that’s gaining momentum. From the newfound profitability of the malware industry, to the growth of mobile privacy concerns, the smartphone ecosystem calls for the protection Lookout delivers. We’ve seen that the threats and their whereabouts are two things people are particularly interested in. And to really understand those, we’re going to put our black hats on again and think like the bad guys.

Malware writer motivations have their differences, but malicious code with money-making intent is definitely on the rise. The Toll Fraud malware family is the most common of these, and it’s left its mark globally. Looking at the figure above, we see this mark is more defined in some regions than others.

So why have the bad guys had greater success in places like Russia and China than in the Western Hemisphere combined? For one, the mobile infrastructure in these highly infected areas caters to malware writer mischief. Independent app stores are more popular, and with minimal automated analysis of apps submitted to their marketplaces, these stores are the perfect places for malware writers to test out their malicious code. Also, in markets where people are less likely to pay for apps, they’ll find pirated applications commonly seen in independent app stores attractive. ‘Repackaged’ apps like these may appear free of charge, but often usurp user information in other ways (i.e. LeNa, Gamex).

Also, Toll Fraud malware is more successful in these areas because of lax premium SMS regulation. Safeguards such as double-confirmation subscriptions are not standardized across geographies.

So although there’s more money to be had in markets like the United States, it’s simply easier for the bad guys to make a buck overseas. That doesn’t mean malware shouldn’t be a concern for people in less affected regions, though. Wherever there’s money to be made or personal data to take advantage of, there are malware writers working to benefit. The good news is that Google Play does a decent job of removing malicious apps that make it into their marketplace and have even improved security around the submittal process. Even so, having a mobile security app like Lookout on your device is an essential safety blanket. When it comes to your personal information, there’s no such thing as too much security.

Leave a comment