MCA 2013 - Denis Maslennikov - Kaspersky Lab

Denis Maslennikov

Senior Malware Analyst, Kaspersky Lab

23.05.2013

Extracting Money from Mobile Users:

Cybercriminal’s Ways

Smartphones

Your device contains a lot of ‘interesting’ things:

GPS coordinates

contacts emails

incoming and outgoing SMS messages

personal photos

online banking credentials

various installed apps

trip calendar

75503

575

Current state

75503 modifications

of mobile malware in

575 families

Platforms

96,27%

3,02% 0,71%

Android

J2ME

Others

Behaviors

31%

29%

27%

5%

8%

Backdoor

Trojan-SMS

Trojan

Trojan-Spy

Others

Modifications per month

0

2000

4000

6000

8000

10000

12000

14000 2

011.0

1

2011.0

2

2011.0

3

2011.0

4

2011.0

5

2011.0

6

2011.0

7

2011.0

8

2011.0

9

2011.1

0

2011.1

1

2011.1

2

2012.0

1

2012.0

2

2012.0

3

2012.0

4

2012.0

5

2012.0

6

2012.0

7

2012.0

8

2012.0

9

2012.1

0

2012.1

1

2012.1

2

2013.0

1

2013.0

2

2013.0

3

2013.0

4

Backdoors

Mobile botnets

Using Twitter

Sending SMS spam

Cheats on app ratings via botnets

SMS Trojans

They are everywhere

Affiliate networks

Trojan-Spies

Hunt for mTANs

Hunt for mTANs

Blackberry as well

New malware

Conclusions, to-do list, how-to-do, etc

Text

Countermeasures

PhonepayPlus

PhonepayPlus

History

2004

2005

2006

2007

2008

2009

2010

2011

2012

2013

2014

Thank you

Denis Maslennikov

Senior Malware Analyst, Kaspersky Lab

[email protected], @hEx63

23.05.2013

Extracting Money from Mobile Users:

Cybercriminal’s Ways