Semi-annual threat backup report says the security vendor is seeing 13,000 malware samples a day, up from 1,000 at the beginning of the year
The increase in the amount of malware surging through the Internet shows no sign of abating.
According to the latest assessment, Fortinet Inc.’s annual mid-year report on online threats, malware written for mobile devices is closing in to the amount of created for desktop and laptop PCs.
“Mobile malware has taken off through the stratosphere,” said report author Richard Henderson of Fortinet Labs.
In particular, Android malware is “out of control.” he said.
At the beginning of the year Fortinet was tracking 1,000 new Android malware samples a day. Now it is seeing 1,300 a day, categorized within 300 unique families — in other words, the new malware isn’t just a varient of one type.
What’s particularly worrisome is that “ransomware” — viruses that lock a phone until the user pays for its release by purchasing so-called anti-virus protection — was discovered in June for Android platform.
Typically the user gets suckered by clicking on a link to buy what appears to be a legitimate anti-virus solution.
Users can refuse to make the payment and reset or wipe the device, but that means losing all data — unless the user has made a recent backup.
Fortunately, Richardson says, many devices automatically backup data when synchronized with the owners’ PC. That lessens the threat, if backup is enabled and if it has been done recently.
However, one version also searches for key files on the phone and erases them, in the hopes of preventing restoration of the phone from a backup file.
The lesson is that like PC users, people with mobile devices have to be careful before they download anything.
If you have an Android device only download applications from the Google Play store.
Finally, the report notes that that the cybercriminals behind the ZeroAccess botnet are “making great strides (and spending a significant amount of money)” maintaining the size of their botnet.
One version of ZeroAccess is used for online ad click fraud, while another for bitcoins.