In 2015, the volume of malware directed against mobile devices tripled compared with 2014. The most dangerous threats in 2015 were the ransomware programs that malicious software can get unlimited rights to a 'contaminated' device, as and hacking programs, including the financial malware. These are the main findings of the annual report «Mobile Virusology», which was drafted by the Antimalware Research Group of Kaspersky Lab


In numbers, the landscape of mobile threats in 2015 was as follows:

  • 884 774 new malicious programs detected by Kaspersky Lab. This figure noted a threefold increase compared to 2014 (295.539)
  • The number of new mobile banking Trojan decreased to 7,030 samples from 16 586 in 2014
  • 94 344 unique users were attacked by mobile ransomware. This size yperpentaplasiastike compared to 2014 (18.478)

Continuous increase in ransomware programs

2015 was the year of ransomware programs. Once an infected device with this type of malware, malicious applications block the device with a pop-up window containing a message, according to which the user has committed unlawful acts. To unlock the device, the user must pay ransom usually range between $ 12 and $ 100.

The number of the Kaspersky Lab product users for mobile devices was attacked by ransomware programs increased from 1.1% to 3.8% between 2014 and 2015 attacks were recorded in 156 countries, with more to be found in Russia, Germany and Kazakhstan. Malicious software «Trojan-Ransom.AndroidOS.Small» and the amendment of the «Trojan-Ransom.AndroidOS.Small.o», was the most active in Russia and Kazakhstan. The «Small.o» was the most widespread ransomware program for mobile devices detected by Kaspersky Lab last year.

The number of applications ransomware amendments has increased by 3.5 times, evidence that fraudsters seeing more and more benefits to blackmail as means of obtaining money. The 2016einai likely to see an increase in complexity of these malicious programs and their modifications, with more geographical areas to target.

android malware

Malicious software with ultra-access rights - a threatening development

In 2015, almost half of the 20 most prevalent Trojan was malicious programs were embarrassing ads on mobile devices. The most popular last year were the Trojan Fadeb programs, Leech, Rootnik, GoPro and Ztorg. Fraudsters have used every available method to propagate these Trojan, through malicious web-banners, fake games, even legacy applications that had risen in official app stores. In some cases, they had placed as legitimate software pre-installed on devices suppliers.

Some of these applications are able to gain access rights «super-user» or «root access». Such rights give attackers an almost unlimited ability to modify the information stored in a broken device. If the installation is successful, the malware becomes almost impossible to remove, even after a factory reset. Tamobilekakovoula programs «root access» rights became known for the first time about 2011, while last year was extremely popular among the digital criminals. This trend is likely to continue in 2016.

malware in use

Mobile banking malware - Take Your Money

The banking Trojans are becoming more complex than reducing the number of amendments. The mechanisms of these malicious applications are the same as before: once logged in a computer of a client device, the malware duplicating legitimate websites a bank or online payment application to false. However, the scale of which could be exploited such malware increased significantly in 2015. Today, digital criminals can attack customers tens of banks located in different countries, using only one type of malware while you previously had used malicious applications could only attack one or two financial services organizations in a few countries. An example of a malicious application with multiple targets is Acecard Trojan, which features tools for attacks on dozens of banks and users of Internet services.

As commented o Roman Unuchek, Senior Malware Analyst Kaspersky Lab's in the US,

As mobile devices become more and more functional, digital criminals constantly evolving attacks that attempt to steal money from users. Last year was the year of banking Trojan and ransomware programs. Adware programs are widely used to infect devices with more sophisticated malware. Also, we see that there is a growing interest for malicious software that can access «super-user» to user devices. To keep users safe, they should not omit the use of reliable anti-virus solutions for mobile devices. Let's all keep in mind that it is much better to anticipate threats from seeing losses after the infection