NQ Mobile Inc. (NQ) List of Malware Trends [INFOGRAPHIC]

Updated on

NQ Mobile Inc (ADR) (NYSE:NQ) is busy with an alleged buyout offer amid accusations of massive fraud coming from famed research firm, Muddy Waters. But why can’t IR have some fun amid all the (likely) tension at the company? The IR team took the time to create an infographic and issued it in a press release, check it out for yourself!

 

With mobile malware doubling year after year, today we released new data and background information outlining the current threat landscape and projecting trends for the immediate future. Revealing details on infection rates and strains found around the world, the information demonstrates how such threats put sensitive data and bank accounts at risk.

NQ Mobile’s Mobile Malware Trends – Key Statistics for 1H 2014 include:

  • 85,970 new pieces of malware were discovered, a 68 percent increase over 1H 2013
  • Infections were detected in 37.5 million Android devices in NQ Mobile Inc (ADR) (NYSE:NQ)’s database of 136 million active user accounts worldwide, an increase of 78.6 percent over 1H 2013
  • 62 percent of malware falls into categories that can drive financial gain for malware engineers[1]
  • 11 percent of threats leaked users’ private data, which is often sold via the dark web

NQ Mobile’s Mobile Malware Trends – Top Findings Include:

  • Ransomware Hits Mobile Users: NQ Mobile Inc (ADR) (NYSE:NQ) discovered the first new mobile malware strain to use file encryption ransomware for its attack. Dubbed “Simpelocker,” this Trojan was packaged with genuine Android apps and would infect the devices of unsuspecting users who unknowingly downloaded the APK file from apps in third-party markets. Once installed, the app would request permissions to perform a variety of actions like writing to external storage devices. The Trojan could also scan the SD card for specific file types (.jpeg; .bmp; .gif; .doc; .docx, etc.) and attempt to encrypt them.
  • Profit Leads Malware Motives: 62 percent of malware in 1H represented categories likely to financially benefit cybercriminals at the expense of smartphone users, often through premium rate services and data overcharges. Two examples are “Trick Connector” (a.payment.hdcSms.a), which led unsuspecting users to send premium SMS and automatically connect to the Internet, and “Stealth Subscribe” (a.payment.FakeInst.eaz), which would sign users up for recurring-charge services without their knowledge by sending messages in the background.
  • Scandals Put Spotlight on Privacy Threats from Data Theft: While news headlines throughout the past year have brought to light the ease which one can unwittingly be a victim of data theft or other invasion of privacy, this is nothing new to cybercriminals. In 1H 2014, 11 percent of mobile threats came in the form of a genuine or malicious app with the ability to gather and leak personal information without the device user’s knowledge or consent. This information is often shared or sold on the dark web via P2P, TOR and/or I2P networks to cybercriminals who then use social engineering tactics to gain access to the consumer’s finances.

NQ Mobile’s Mobile Malware Trends

NQ Mobile Mobile Malware

NQ Mobile’s Mobile Malware Trends: The Fake Play virus

In 1H 2014, the NQ Security Center captured and quarantined the “Fake Play” (a.privacy.FakeGooglePlay.a) virus, which masqueraded as the Google Play App Store. Once installed, the app could surreptitiously run in the background, intercepting and uploading users’ messages as well as contacts and app data.

  • Server-side Botnets Rapid as Potential Privacy Killers: Server-side botnets remain one of today’s most pressing mobile security concerns. Known for their ability to remotely control the infected device, these threats interact with a remote server or client to upload or retrieve malicious codes or scripts and take device information such as IMEI, IMSI, mobile number, system version, to name a few, without user consent.

For example, the “Text Thief” (1.a.remote.Newnovel.a) virus was captured and eradicated by the NQ Security Center in Q1. This virus would automatically load and unpack an encrypted .jar file that could block text messages from designated numbers while sending unauthorized messages to paid subscriber services. It would also try to obtain system root privileges in order to download and silently install .apk files.

  • Emerging Markets with Unregulated App Markets keep Android on Top: Fuelled by rapid market penetration in the absence of consumer education and tightly-controlled app stores, the Android OS has broadened its lead as primary platform for mobile malware, representing 96 percent of all device infections. While this predominance will likely persist until other operating systems rise in popularity, there are signs that user education and secure app marketplaces are stemming the growth of infection rates in mature markets. For example, infection rates of new malware detected in markets with more mature Android penetration such as Russian and China have declined, those where Android is newer in the market such as Indonesia, Nigeria and Vietnam are increasing in new malware significantly.

Based on the 85,970 new pieces of malware found by NQ Mobile Inc (ADR) (NYSE:NQ):

Country 1H 2014Place 1H 2014New Infection Rate 1H 2013Position 1H 2013New Infection Rate Y/Y Change (in percent) Y/Y Change (in # of  devices infected)
China 1 18.2% 1 31.7% -42.7% 2.3%
India 2 14.2% 3 10.4% 36.9% 144.4%
Saudi Arabia 3 9.6% 6 6.0% 59.9% 185.6%
Indonesia 4 8.2% 7 3.1% 168.7% 351.6%
USA 5 7.7% 4 6.5% 18.3% 124.5%
Nigeria 6 6.7%
Vietnam 7 6.3% 10 0.9% 615.9% 1255.5%
Russia 8 4.2% 2 17.2% -75.5% -34.0%
Thailand 9 3.2% 5 6.0% -46.3% -4.1%
Malaysia 10 3.0% 9 2.0% 48.7% 165.5%

 

Research Methodology

NQ Mobile’s 1H 2014 Security Report is based on insights from NQ Mobile’s Security Labs, as well as data collected from NQ Mobile’s global malware database, scanning engines and its network of hundreds of millions of registered users.

Via NQ.com

Leave a Comment