Alcatel-Lucent malware report shows significant rise in mobile infections via PCs and adware in first six months of 2015

Paris, France, September 16, 2015

Alcatel-Lucent (Euronext Paris and NYSE: ALU) today released figures showing that in the first half of 2015 the number of security threats on mobile networks have come increasingly from a seemingly unlikely source – personal computers and laptops.

The research also found a significant increase in the number of ‘spyphone’ apps being detected on both Android and iOS mobile devices.

The Motive® Security Labs H1 2015 Malware Report examines general trends and statistics for malware infections in devices connected through mobile and fixed networks. Data is aggregated across fixed and mobile networks where Motive Security Guardian malware detection technology is deployed, covering more than 100 million devices.

In the first half of 2015 report, Alcatel-Lucent estimates that 80 percent of malware infections detected on mobile networks have been traced to Windows™-based computers and laptops. This finding represents a significant change from 2013 and 2014 when the source of mobile network infections were roughly split 50:50 between Android and Windows™-supported devices.

Alcatel-Lucent has found that PCs and laptops are the favorite targets of hardcore professional cybercriminals who have invested heavily in the Windows malware ecosystem. Their contribution to the infection rate on the mobile network has significantly increased as mobile networks are increasingly used as the primary way to access the Internet.

The Motive report also found that cybercriminals are quickly taking advantage of unique opportunities in the mobile ecosystem to spread spyware. In fact, 10 of the 25 most prolific threats on smartphones are in the mobile spyware category and are often delivered bundled with games and free software.

These sophisticated spyware apps enable the remote tracking of a phone owner’s movements as well as the monitoring of phone calls, text messages, e-mails and browsing habits. While tracking applications can be used for legitimate purposes – such as a parent keeping track of their children, there are also far more sinister uses for these types of applications.

Commenting on the findings, Patrick Tan, General Manager of Network Intelligence at Alcatel-Lucent said: “The modern smartphone also presents the perfect platform for corporate and personal espionage, information theft, denial of service attacks on businesses and governments, and banking and advertising scams. It can be used simply as a tool to photograph, film, record audio, scan networks and immediately transmit results to a safe site for analysis. That’s why Alcatel-Lucent favors a network-based security solution that detects malware before it can do any damage.”

Adware has also been on the increase in 2015 with ads becoming more sinister. One identified by Motive is BetterSurf, a moderate-threat Windows Adware contained within software bundles offering free applications or games. When installed, it adds a plugin to Internet Explorer, Firefox and Chrome browsers that injects pop-up ads into web pages. While it looks like run-of-the-mill adware, the ads themselves are very dangerous. Many are phishing attempts to install additional malware and engage in fraudulent activity.

In examining the top 25 threats to mobile devices, the Motive report concluded that the main threats are currently:

• Spyphone apps that track calls, text messages, location, e-mail and browsing;
• ‘Scareware’ apps that try to extort money by claiming to have encrypted the phone’s data;
• Identity theft apps that steal personal information from the device;
• Banking ‘Trojans’ that attempt to steal banking credentials and credit card numbers;
• SMS Trojans that make a living by sending text messages to ‘premium’ numbers;
• Malicious adware that uses personal information, without consent, to deliver annoying targeted ads.
• A proxy app allowing hackers to anonymously browse the web through an infected phone - at the owner’s expense.

The Motive report also highlights one of the most talked about potential threats of 2015 so far: Stagefright. This is a series of vulnerabilities in Android’s media display software which gives attackers complete control of a phone by simply sending it an MMS message with a specially crafted media attachment. When the message is received, the Android operating system automatically tries to open the attachment, infecting the device as it does without any interaction from the user. Furthermore, it is estimated that the Stagefright vulnerability could affect almost 1 billion devices.

So far there is no known malware that actively exploits the Stagefright vulnerability, but the Motive report highlights that it is an example of how sophisticated threats to mobile networks are becoming, and illustrates the need for network-based security systems by service providers.