That’s the message reiterated in the new Threat Report H2 2013 from F-Secure Labs. In addition, the report reveals that web-based malware attacks doubled in the second half of 2013 in comparison to the first half. And threats targeting Android accounted for 97 per cent of mobile threats for the whole year.
With governments reaching to gain access to as much information as possible, F-Secure’s stand on governmental trojans and mass surveillance remains strong: No tolerance. It is (and always has been) F-Secure’s policy to detect any malware regardless of its source. And privacy is one of F-Secure’s core values, one that is reflected in how its products are designed.
“Governmental surveillance is not about governments collecting the information you’re sharing publicly and willingly,” writes Mikko Hypponen, chief research officer at F-Secure Labs. “It’s about collecting the information you don’t think you’re sharing at all…Just because it can technically be done doesn’t make it right.”
Sources aside, web-based attacks, which typically involve techniques that redirect the browser to malicious sites, were the most commonly reported type of attack for the period, making up 26 per cent of detections, followed by the Conficker worm with 20 per cent. The three most common exploits detected during the period were all Java-related. Java exploits, however, declined compared to H1 2013. Mac malware continues a slight but steady increase, with 51 new families and variants detected in 2013.
It’s (almost completely) all about Android
Ninety-seven per cent of the mobile threats in 2013 were directed at the Android platform, which racked up 804 new families and variants. The other three per cent (23) were directed at Symbian. No other platforms had any threats. In contrast, 2012 saw 238 new Android threats.
The top 10 countries reporting Android threats saw a little over 140,000 Android malware detections. Forty-two per cent of the reported detections came from Saudia Arabia and 33 per cent from India. European countries accounted for 15 per cent and the United States five per cent. As the Android platform itself has relatively few vulnerabilities, the main distribution method is still shady apps downloaded via third-party app stores.