Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Android stats v6 for threat report - Sophos

247 views

Published on

Android stats v6 for threat report - Sophos

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Android stats v6 for threat report - Sophos

  1. 1. Confidential - Sophos internal and partners only 1 Mobile threats are here to stay and evolving Everyone is mobile • Every organization faces security risks when employees mix personal and business access to apps, email, the internet from a device • Any device that is roaming is vulnerable • Employee productivity versus security must be balanced • Every business needs to evaluate what their risks are Core reasons why Android devices are attacked • Google Play store is not immune to malware • 3rd party stores are a major attack vector • Multiple ways to monetize: ransomware, cryptojacking, banking Trojans, rogue advertisement and premium SMS
  2. 2. Mobile Threat Data Points Confidential - Sophos internal and partners only 2 iOS THREATS <10 ANDROID THREATS 4 Million+ VS. 2017 SophosLabs Analyzation Vast majority of 4 Million Malware Samples came from outside Google’s walled garden In 2017, Google Play reported 35 different threat families Google took down 700,000 packages violating Google Play policies A continuing trend: 47 threat families so far 6 of 37 malware families discovered at SophosLabs
  3. 3. Android apps removed from Google Play 3 37% potentially harmful applications removed from Google Play in 2017 – SophosLabs Total apps submitted to Google Play in 2017: 2,144,733 Free Apps: 2,012,893 Paid Apps: 131,840 37% - Removed from Google Play app store Free Apps: 681,241 Paid Apps: 109,897 Left in Google Play: Free Apps: 1,331,652 Paid Apps: 21,943 14.2 billion installs Built by 184,852 developers
  4. 4. Malware on Google Play found by SophosLabs 4 Cumulative number of malicious apps on Google Play from July 2017 till September 2018 0 2000 1800 1600 1400 1200 1000 800 600 200 400 (number of unique applications) July 2017 January 2018 September 2018 SonicSpy CPUMiner ExpensiveWall BankBot AsiaHitGroup Tizi LightsOut MyEtherWallet 47 New Malware Families 280 Million Downloads 6 out of 37 Malware Families Discovered in 2018 Were Discovered by Sophos
  5. 5. Android Malware Growth, 2015-2018 5 Annual rate of new Android malware and PUA collected by SophosLabs 0 500,000 1,000,000 1,500,000 2,000,000 2,500,000 3,000,000 3,500,000 4,000,000 4,500,000 2012 2013 2014 2015 2016 2017 2018 Malware PUA Source: SophosLabs, 2017 100% increase in new malware sightings expected, as compared to 2015 projected
  6. 6. Android Ransomware: No sign of going away 6 0 50,000 100,000 150,000 200,000 250,000 300,000 350,000 400,000 450,000 500,000 2013 2014 2015 2016 2017 2018 Jan- Aug New Android ransomware samples collected by SophosLabs, per year SophosLabs: Cryptojacking is replacing ransomware as a preferred monetization route. But ransomware shows no sign of going away
  7. 7. Cryptominers: On The Rise Confidential - Sophos internal and partners only 7 SophosLabs: • Discovered 25 cryptomining apps on Google Play disguised as games and educational applications on September 24, installed more than 120,000 times LINK • Observed more than 20,000 different variants of the Loapi cryptomining malware in the second half of 2017 function startMiner(n, id) { if (isAlreadyStarted) return; isAlreadyStarted=true; var miner = new CoinHive.Anonymous(id, { threads: n-1, autoThreads: true, throttle: 0.5 }); miner.start(); } Generates cryptocurrency for cybercriminals
  8. 8. Resources Confidential - Sophos internal and partners only 8 SophosLabs Uncut “Android” o Research straight from SophosLabs Naked Security News o Industry security news SophosLabs on Twitter o Follow for breaking news and updates Sophos Mobile Security o Technology innovations and protection

×