Bitdefender: Mobile Ransomware on the Rise

In addition to conventional adware and SMS Trojans, Android smartphones and tablets in Germany are increasingly being threatened by mobile malicious programs that extort a kind of ransom (ransomware), reports security specialist Bitdefender.

Opportunity makes thieves: with an estimated market share of more than 50 percent in Germany, Android has increasingly attracted the dubious attention of cyber criminals. According to Bitdefender, conventional adware and SMS Trojans in particular dominated the report on the online threat landscape in 2014, but alongside them a new threat category is on its way to the top: mobile ransomware. Bitdefender presents the ten most widespread mobile malware families of 2014:


Android.Adware.Plankton.A: Since its first appearance in 2012, the Plankton family has dominated reports on the online threat situation in Germany. The most important features of this adware family are its ability to download further Android applications and its ability to execute commands remotely. Even though Android.Adware.Plankton.A is already more than two years old, it remains one of the most prevalent threats, accounting for 17.39 percent of total infections.

Android.Trojan.SMSSend.CN: Android.Trojan.SMSSend.CN is in second place among the most prominent Android threats. With a 14.72 percent infection rate, this malware family is primarily aimed at premium SMS fraud. After installation, the application runs in the background and sends premium SMS messages, which causes considerable additional costs for the user.

Android.Riskware.SMSSend.gqvj: Similar to Android.Trojan.SMSSend.CN, this riskware family also targets SMS payment functionality. During installation, the application requests access to SMS features and misuses this permission to send a series of premium messages to various contacts.

Android.Riskware.Mobgen.A: This adware family ranks fourth among the top ten Android malware in Germany, spreading aggressively through advertisements placed on trusted websites. Users are deceived in this way and induced to install an alternative marketplace via the displayed banner. Although this third-party marketplace is not harmful in itself, the means by which users are manipulated into installing it are unlawful.

Android.Adware.KyView.A: Android.Adware.KyView.A lands in fifth place in the German top ten and is associated with applications that use certain ad frameworks. Once installed, these applications are able to collect private data such as contacts and messages.

Android.Adware.Mulad.P: Android.Adware.Mulad.P is mainly used to inject ad code into harmless free apps and then repackage them in third-party marketplaces. Although these apps are not inherently harmful, they are taken over and misused by third parties for financial gain.

Android.Adware.Youmi.A: Android.Adware.Youmi.A is recognized as an adware program that uses certain ad-supported SDKs for its own purposes.

Android.Riskware.Agent.gXZTI: The infection share of Android.Riskware.Agent.gXZTI in Germany is 2.77 percent. This malicious program is related to applications that send expensive premium SMS messages to specific numbers.

Android.Riskware.Agent.XAB: Android.Riskware.Agent.XAB ranks ninth among the top German malware. This malicious program is also known as the GingerMaster exploit and attempts to root devices running Android versions between 2 and 2.3. Normally, rooting is done voluntarily by the user, but there are also malware families that use such exploits to undermine the security of the operating system unnoticed.

Android.Trojan.FakeInst.AX: Android.Trojan.FakeInst pretends to be an installer for browsers, antivirus solutions or instant messaging services, and its creators make good money from the users they trick. Once downloaded and installed, the Trojan begins sending expensive SMS messages to premium numbers. Some variants require the consent of the user, others do not. It is noteworthy that this Trojan regularly alters its icon to remain unrecognized, but always comes with the same configuration file containing a link to the app to be installed.