200+ apps, 8+ Million installs, and they exist on Google Play

Threat research analysts at the cloud security firm Zscaler found more than 200 apps in the Google Play Store that contain malware.

These malicious apps were installed at least 8,543,412 times in one year. The apps mostly came from the tools, photography, lifestyle and productivity subcategories.

This was revealed in Zscaler’s 2024 Mobile, IoT & OT Threat Report, which looks at mobile device and IoT/OT threat activity from June 2023 to April 2024.

According to the report, there has been a constant increase in mobile and IoT threats, and users are advised to take care to protect their devices.

Surge in Cyber Threats: Some of the Findings from Zscaler’s 2024 Report

The Zscaler report reveals that the volume of financially motivated mobile attacks has risen over the past year.

Although the number of Android-based attacks in general has declined, the number of attacks in some categories, including banking malware and spyware, has increased.

Their rise poses a serious risk to users of mobile products all over the world.

The report shows that the number of IoT malware transactions blocked by the Zscaler cloud this year was thirty-five percent higher than in the previous year, which shows that more threats are targeting IoT devices.

Malware payload delivery to IoT devices was also up by 12%, with more connected devices now targeted by cybercriminals.

Infections Caused by Banking Malware and Spyware Are on the Rise

Even though some types of Android malware declined, the report found a 29% increase in banking malware attacks.

These attacks focus on users’ financial information, with the aim of stealing their credentials or performing unauthorized operations.

Spyware incidents, on the other hand, soared, with a staggering YoY increase of 111%. Many of these attacks targeted workarounds for multi-factor authentication (MFA).

These results show how threats keep evolving as attackers switch to more complex techniques to infiltrate users’ mobile devices.

Financially oriented threats remain popular, with hackers using advanced malware to find and compromise important information.

Cybercriminals Taking Advantage of Out-of-Date Equipment

Zscaler’s Chief Security Officer, Deepen Desai, warned that hackers are increasingly exploiting vulnerable and outdated systems.

These systems are in use across estates and organisations and act as a point of entry for cyber attacks on IoT and OT devices. This can result in major data breaches and ransomware attacks.

Desai also urged companies to deploy artificial intelligence-based zero-trust security frameworks. Such systems can identify and block attack vectors on the fly, minimizing the number of successful intrusions.

This is fitting, as zero-trust architectures are becoming essential for enterprises that need to protect their networks against both external and internal threats.

This Year’s Most Common Malware, Joker, Found Its Way to Google Play

Joker accounted for 38.2% of the more than 200 malicious apps found in the Google Play app store. Joker is a smartphone program designed to sign users up for premium services that they have not authorized.

It is a rather harmful threat because users do not realize charges have been made until later.

The second most prevalent threat was adware, accounting for 35.9% of the malicious applications discovered.

Adware is another type of malware; it forces pop-up advertisements on users and can hog system resources.

The other types of malware detected were Facestealer at 14.73%, Coper at 3.66%, Loanly Installer at 2.27%, Harly at 1.35% and Anatsa at 0.92%.

Anatsa Banking Malware: A Global Threat

The report also covers a number of malware types, one of the most dangerous being Anatsa, also referred to as TeaBot.

This banking malware enters devices not only through fake Suite apps but also through seemingly harmless apps such as PDF and QR code readers.

After installation, it goes after customers’ banking details, most often leading to identity theft and fraud.

Anatsa has targeted over 653 financial institutions across the world; geographically, it has focused on Germany, Spain, Finland, South Korea and Singapore, among others.

This malware is almost invisible, which makes it the most dangerous threat for the financial industry.

Internet of Things malware established itself as a threat last year, and based on reports it mostly affected the manufacturing sector.

According to the Zscaler report, manufacturing tops the list as the most attacked industry segment, with 36.9% of attack volume. The transportation sector accounted for 14.2% of IoT attacks, while the food, beverage and tobacco industry was not far behind with 11.1%.

Many industries incorporate IoT devices that are connected to the internet and are usually used to regulate operations.

However, because there always tends to be a weak link, this also means a higher risk of cybercriminals tampering with older systems.

India Is Most Affected by Mobile Malware

According to the report, India ranks as the country most attacked by mobile malware, accounting for 28% of all attacks. It is followed by the United States, Canada, South Africa and the Netherlands.

These countries received a number of malware attacks in which a common outcome was identity and financial fraud.

When it comes to IoT attacks, the United States was the biggest victim, with 81 percent of all IoT cyber attacks hitting the country. Other heavily targeted countries were Japan, China, Singapore and Germany.

Increasing Risks Found in OT Systems

According to the Zscaler threat report, one of the significant trends worth worrying about is how OT platforms that are not connected to the internet are gradually becoming exposed.

As these systems become more integrated into enterprise networks, they also become more vulnerable to outside threats.

This alone gives cybercriminals a sizable window of entry, bearing in mind that vulnerabilities can affect a multitude of people.

OT deployments entail many thousands of connected devices at numerous sites, creating management and security headaches.

These environments are at risk of compromise through zero-day vulnerabilities, exposing them to data and network intrusions and even ransomware attacks.

Ways to Guard Your Android Device against Infection

To protect your Android device from the growing threat of malware, it’s important to follow a few simple steps:

1. Do not download applications from third-party app stores. Downloading apps from third-party websites can be dangerous, so only download from reputable sources like the Google Play Store.

2. Read up on applications before downloading them. This will make it easy to spot applications that may cause problems or a poor user experience.

3. Check the publisher’s origin to be sure that the application is original and not a fake.

4. Be careful when granting permissions to an application. For example, do not give apps a lot of permissions, or permissions they do not need.

5. Keep your security software updated, as updates may contain protections against relatively new threats.

If you follow all these tips, you will be safe from malware that compromises devices.
