Broadband devices, smart phones under cyber attack

Alcatel-Lucent's subsidiary, Kindsight reports that for the second quarter of 2013, cases of malware and breaches of cyber-security on broadband devices and smartphones are rising. This threat to fixed and mobile broadband networks is increasing, as global consumer usage continues to grow.

25 Jul 2013

Malicious software or 'malware' is used by hackers to gain access to devices for corporate espionage, spying on individuals, theft of personal information, generating massive quantities of spam, denial of service attacks on business and governments and millions of Euros in fraudulent banking and advertising scams.

Due to the unique position of the group's network security and analytic products within service provider networks, it can measure the impact of traffic types traversing the network, including malicious and cyber-security threats.

Stats indicate six fold increase in Android malware

10% of home networks and over 0.5% of mobile devices were infected with malware, both increases from the previous quarter
6% of home networks exhibited high-level threats, such as 'bots', 'rootkits' and 'Trojan' banking viruses - all types of malware infecting computers, computer programs and applications running on computers
The ZeroAccess botnet continues to be the most common malware threat, infecting 0.8% of broadband users
In mobile networks, the vast majority of infected devices are either Android phones or Windows laptops tethered to a phone or connected directly through a mobile USB stick or MIFI hub
Mobile malware continues to grow with a six fold increase in the number of Android malware samples

"Malware and cybersecurity threats continue to be a growing problem for home networks and mobile devices, particularly for Android smartphones and tablets which are increasingly targeted," said Kevin McNamee, security architect and director of Alcatel-Lucent's Kindsight Security Labs. "Users often don't take the appropriate security precautions for their mobile devices and, even when they do, a malicious app can easily evade detection by device-based anti-virus."

The report includes the top 20 home network infections and Internet threats and analysis of malware developments, including ZeroAccess, Alureon, the Zeus banking Trojan, Uapush, QDPlugin, and others.

Proof-of-concept spy phone indicates corporate weaknesses

The report also includes information on the rise of mobile spyware as a threat to the BYOD (bring your own device) trend in workplaces.

To demonstrate how a smartphone can become a cyber-espionage device, McNamee said the company has developed a proof-of-concept spy-phone software module that can be injected into just about any Android application. From a remote web based command centre the attacker can: