Lookout has released a new study on the Russian malware landscape

Aug 5, 2013 09:35 GMT

IT security firm Lookout has released a study on the Russian mobile malware landscape. Based on their observation of 10 Russia-based organizations, experts have determined that the mobile malware industry in the country has become not only very well organized, but also highly profitable.

Entitled “Dragon Lady: An Investigation Into the Industry Behind the Majority of Russian-Made Malware,” the report shows that these 10 organizations are responsible for 60% of all Russian malware.

The criminal enterprises are well organized. They have thousands of affiliate marketers, who can make up to $12,000 (€9,000) per month, and a malware HQ.

The malware HQ releases new malicious creations every two weeks, and provides customer support, malware hosting, shortcode registration, and marketing campaign management tools.

Most of the criminal organizations focus on toll fraud malware, which earns the crooks money by sending SMS messages to premium-rate numbers from infected phones.

Victims think they are downloading the Angry Birds game or another popular app, while in reality they’re installing a Trojan that inflates their bill by sending SMS messages.

“Twitter is a primary distribution channel for malware affiliates because search engines assign a high value to indexed tweets which means higher ranking in the search results. When searchers seek out free songs, apps or [adult content], a high search ranking promotes the affiliate content,” the report reads.

“Lookout combed through 247,863 unique Twitter handles and over a million tweets. Nearly 50,000 of the unique handles and nearly 25 percent of all tweets identified were confirmed linking to malware. While many of the accounts were still active, Twitter’s security team appeared to disable accounts which they identified as malicious.”

The complete “Dragon Lady: An Investigation Into the Industry Behind the Majority of Russian-Made Malware” report is available here.