Quick Heal’s Annual Threat Report warns of ransomware
Quick Heal recently released its Annual Threat Report for 2015. The report brings to light the malware trends that affected Android and Windows systems during 2014, and reveals what types of security challenges to expect in 2015. It’s common knowledge that ransomware and adware have adversely affected Windows for years, but now these same threats have become more sophisticated and increasingly ubiquitous as they invade Android systems.
With regards to threats affecting Windows systems, Quick Heal mentions in their report that ransomware has now gone local, with attackers displaying messages in localized formats with local time zones, local languages and local authorities taken into consideration. The company says that ransomware was a huge problem in 2014, and that the attackers would virtually encrypt or lock down the victims’ devices when demanding ransom payments. Quick Heal predicts that ransomware will evolve with advanced propagation techniques in 2015, and that it is a serious threat that will require increased vigilance.
If localized ransomware wasn’t bad enough, Quick Heal says we can also expect nuisance adware to keep evolving into techniques the company calls “malvertising.” According to the report, the most dominant malware of 2014 was adware that would inject banner ads, hijack default web browsers and search engines and cause computers to become slow and unstable. The company says 59% of the malware samples that were detected were classified as spam while the remaining was considered adware.
Android users will have to beef up their security in the coming year as well, it seems, as Quick Heal’s Threat Research Labs have discovered what the company calls “exponential growth” in Android malware. The company found nearly 3 million samples of Android malware in 2014, and it says that Android malware has mushroomed with a “304 times growth” between the years 2011and 2014. The report also indicates that the number of Android malware samples detected had quadrupled in 2014. Additionally, Quick Heal’s findings point to 536 new malware families and 616 new variants now infecting Android systems, and the findings go on to show that the official Google Play store hasn’t been spared since Android users are now being exposed to fake paid applications marketed on the store.
As more users make the transition from laptops to hand held Android devices, so do cyber thugs. The same ransomware and adware problems faced on a PC are now being experienced on Android devices, and Quick Heal predicts that mobile adware will dominate the Android scene in the near future. One prominent form of Android adware mentioned in the report is Android.Viser.A.
Ransomware attacks on Android devices use similar methods employed in Windows attacks, with devices being encrypted along with demands for ransom payments. Quick Heal’s report says Android systems were infected with the first Worm capable of spreading via SMS and infecting numerous other devices without end. Further, the company says that the first boot-kit was detected on Android devices, and that this modifies the device’s boot partition.
Sanjay Katkar, CTO of Quick Heal Technologies, commented on these developments, “2014 has been an eventful year for Quick Heal and for the IT security world in general. While attackers are continually devising new methods to infiltrate systems and devices, security companies have to be more proactive and alert than ever. The threat landscape has drastically changed over the last few years and this makes our job harder and highlights the importance that users and enterprises must pay to channels such as social media, web-based services, cloud portals and more. All bits of data can be monetized today, but we firmly intend to keep our users secure over the varied devices and portals that they regularly use.”
Quick Heal predicts that emerging cashless payment systems, banking credentials and apps will be targeted by malware authors in the coming year, and that Wi-Fi networks will become what the company calls “the new battleground” as hackers resort to man-in-the-middle attacks as a means to interrupt, redirect and intercept mobile traffic packets.