Tuesday, March 25, 2025

33.3 Million Cyber Attacks Targeted Mobile Devices in 2024 as Threats Surge


Kaspersky’s latest report on mobile malware evolution in 2024 reveals a significant increase in cyber threats targeting mobile devices.

The security firm’s products blocked a staggering 33.3 million attacks involving malware, adware, or unwanted mobile software throughout the year.

Mobile Malware Landscape Evolves with New Distribution Schemes

Adware continued to dominate the mobile threat landscape, accounting for 35% of total detections.

Kaspersky’s security network identified 1.1 million malicious and potentially unwanted installation packages, with nearly 69,000 associated with mobile banking Trojans.

The report highlights several new and concerning trends in mobile malware.

A novel distribution scheme for the Mamont banking Trojan was discovered, targeting Android users in Russia.

The attackers employed social engineering tactics, luring victims with discounted products and subsequently delivering malware disguised as shipment tracking apps.

Researchers also uncovered a new NFC banking scam in the Czech Republic, where cybercriminals used phishing websites to spread malicious modifications of the legitimate NFCGate app.

Figure: The phishing link as seen in the chat with the fraudsters

This scheme tricked users into exposing their bank card details via NFC connection, enabling fraudsters to make unauthorized transactions.

Emerging Threats and Sophisticated Attack Vectors

Another significant discovery was the SparkCat SDK implant, which began spreading in March 2024.

This malware, found in several Google Play apps, was designed to exfiltrate images from device galleries, particularly targeting cryptocurrency wallet recovery phrases.

Notably, a variant of this implant also managed to infiltrate Apple’s App Store, marking it as the first known OCR malware to bypass Apple’s stringent security measures.

The mobile threat landscape saw a rise in preinstalled malicious apps, including the detection of the LinkDoor backdoor (also known as Vo1d) on Android-powered TV set-top boxes.

This malware, embedded in a system application, could execute arbitrary code and install additional malicious packages.

While the overall number of unique malware and unwanted software installation packages continued its multi-year decline, the rate of decrease has slowed.

Particularly concerning is the persistent upward trend in mobile banking Trojan activity, despite the reduction in unique installation packages.

As mobile devices increasingly become prime targets for cybercriminals, the need for robust security measures and user awareness has never been more critical.

The evolving sophistication of mobile malware underscores the importance of staying vigilant and employing comprehensive mobile security solutions to protect against these growing threats.


Aman Mishra
Aman Mishra is a security and privacy reporter covering data breaches, cybercrime, malware, and vulnerabilities.
