Virus-writers prefer Android 2.3 and 4.0

Posted: October 24, 2012 in IT Security News
Tags: ,

Android Hacked“Kaspersky Lab” summed up the activity virus writers in the third quarter of 2012. According to the results of the quarter, analysts have identified “gastronomic predilections” malicious programs about versions of the Android platform and new incidents of cyber espionage.

The trend of rapid growth of new mobile malware for Android has continued in the last quarter. So experts “Kaspersky Lab” decided to determine which versions of the users most likely to be targets of attacks.

Most of the attacks were of version 2.3.6 «Gingerbread» and 4.0.4 «Ice Cream Sandwich».

To “Gingerbread” platform had 28% of reflected attempts to install malicious software during the quarter. Although the system is not new and was released in September 2011, due to a strong market segmentation Android-devices, this version and to this day remains one of the most popular, which in turn causes an increased interest of virus writers. Comparing our results with the official figures on the distribution of the various versions of Android mobile devices in the last 14 days of September, we see that in 48% of cases, the victims were criminals users version Gingerbread, which is set at 55% of the devices, and 43% – the most users latest version of Android Ice Cream Sandwich, installed on 23.7% of devices.

Activity virus writers

The activity virus writers in the third quarter of 2012

Program Gauss was found during the investigation, which was conducted by the International Telecommunication Union (ITU), launched after the discovery of malware Flame. Essentially Gauss – a “bank” the Trojan state level. Apart from the theft of a variety of data from the infected Windows-based computers, it contains a malicious payload whose code is encrypted, but the appointment has not yet been elucidated.

Also, experts have managed to obtain new information about the managed server malware Flame. Shell code to the server supports three data transfer protocol. It handles requests four different malicious programs identified by the authors as SP, SPE, FL and IP. Of the four malware currently known two: Flame and SPE (miniFlame).

Interesting changes have also taken place in the geography of threats. In the ranking of countries by the number of malicious hosting leader has changed: from the first place the U.S. has pressed Russia with a score of 23.3%, which is 3% more than in the States. Now most of the web resources (86%) to spread malicious programs located in ten countries – Russia, the U.S., the Netherlands, Germany, France, UK, Ukraine, China, and the Virgin Islands (UK), and Vietnam.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s