G DATA CyberDefense AG | Press Center
  • Press releases
    • Press Releases
  • Media
    • Logo
  • Contact
Go
  •  0
    • 0 Files in Lightbox
  • EN
    • Deutsch
    • English
    • Nederland
G DATA Presse Center

Terms of use

Welcome to the G DATA CyberDefense newsroom.
We look forward to supporting you with your reporting and are always at your disposal for questions and comments.

Please mind our terms of use.

In summary, it is about the following: We ask you primarily to observe copyright and usage rights and not to use the content available in the newsroom for advertising purposes. If you want to use content from the newsroom for purposes other than non-advertising, journalistic purposes, please contact us at presse@gdata.de.

A service for publicists

The content available here is made available to you by G DATA Cyberdefense AG, Königsallee 178, D-44799 Bochum for journalists and other media professionals.

In the G DATA CyberDefense newsroom you have access to texts, images, sound and film material (content). By using the newsroom, you assure that you will use the content and materials offered exclusively for the purpose of your journalistic work. The content provided is free to use.

Right of Use and Purpose
Any further use for commercial purposes of any kind or use in particular for advertising purposes without express permission is prohibited.

Content may be edited and changed as long as it remains clearly recognizable and no changes are made to the content that might favor a different meaning than that originally intended. The content may not be reproduced in a meaningless context.

The content may not be used in an objectionable or illegal context.

Copyright and Privacy Rights and Legal Notice

All content and the design itself are protected by copyright, usage and personality rights, registered trademark rights and other laws related to intellectual property rights.

All content provided in the newsroom is owned by G DATA CyberDefense or external owners who provide content and are named in the newsroom. When using images, films or other illustrations, please cite the specified source.

Provision of Service and Content

Content may contain links to other websites. We have no control over any linked content and are not responsible for their content or for any loss or damage which may arise from your use of any such link.

Registration for press distribution lists

Information that you provide as part of the inclusion in the press mailing list must be based on correct and up-to-date data, correspond to the truth and be complete. If your data or main topics change, you can simply send us an e-mail to presse@gdata.de.

We reserve the right, at our sole discretion, to refuse to be included in the press mailing list; we are not obliged to give reasons.

Specimen copy

If you have used the content provided for a publication, we would be pleased if you emailed us a link to presse@gdata.de or sent a specimen copy free of charge to the postal address (G DATA Cyberdefense AG, Königsallee 178, D- 44799 Bochum).

  • Press releases /
  • Press Releases
  • Alle
  • Text
22.02.2022 |

G DATA Mobile Security Report: more than 2.5 million new malware apps for Android devices

Popular lines of attack are app stores and phishing via SMS

Experts at G DATA CyberDefense counted more than 2.5 million malware apps for Android devices in 2021. According to the G DATA Mobile Security Report, the number of averted attack attempts has also increased by 21 percent within a year. Popular methods for infiltrating smartphones with malware are currently app stores, SMS phishing and manipulation at a repair service provider.

Press release Plain text

Attacks on smartphones with Android operating systems increased again in 2021 compared to 2020. The number of averted attack attempts increased by 21 percent, according to an analysis by G DATA CyberDefense. The pace of the attackers remains high - a new malicious Android app appears every twelve seconds. The lines of attack are manifold - via app stores, via SMS phishing, through manipulation at a repair service provider and through updates. Other security-related problems last year were security vulnerabilities in iOS and the Pegasus spyware, which in some countries is used against political opponents.

“We are storing more and more personal data on smartphones, from access information for our social media channels or online banking, to payment apps for contactless payment”, says Stefan Decker, security researcher in the Mobile Team at G DATA CyberDefense. “It is precisely this kind of information that is attractive to cyber criminals and can be turned into money in underground forums. There are always new tricks for installing malware on Android devices.  But also already known attack attempts such as the false SMS with a link to the parcel tracking, although nothing was ordered at all, continue to lead to the target if people are careless.”

Tilting at windmills

Security researchers keep on exposing fake apps in the app stores. These look harmless, but contain malicious code contrary to the official description. If the users then grant far-reaching permissions in the installation process, the attackers can read off personal data or access the operating system remotely.

However, Google has invested a lot in the security of its app store and removes malicious apps immediately. But, if in any doubt, anyone who installs apps from a third-party provider should take a closer look because other app stores carry out far less stringent checks.

Caution with phishing via SMS

Installation via an app store is, however, only one of numerous gateways for cyber criminals. A popular scam in 2021 was phishing via SMS. Here, the attackers were exploiting the many people working from home as well as the trend in online ordering. The criminals sent out text messages en masse with delivery instructions for parcels. However, the link in the text message led to a fake website from which visitors downloaded and installed malware on their device.

Caution is also advised with updates. Here, the attackers send fake messages requesting an update for an installed app. The download link then leads back to a fake website from which users install an app containing malicious code.

A key rule for smartphone users is to never hand an unlocked mobile phone to a third party. Criminals only need a fraction of a second to manipulate mobile devices. This can also happen when checking a coronavirus warning app or when your device is being repaired by a service provider.

“If you want to be on the safe side, you should install a security solution that also controls how apps access your personal data”, says Stefan Decker. “Many users consider iOS to be a safer alternative to Android. But Apple's operating system also revealed numerous vulnerabilities last year that could only be fixed by updates. Here again, users have to remain vigilant.”

The spy on the smartphone

Another talking point has been the Pegasus spyware. Pegasus is intended to be used to fight terrorism. However, investigations have shown that customers of Israeli manufacturer NSO have also been using Pegasus to monitor and spy on non-criminal individuals, including voices critical of the regime, for example members of the political opposition, journalists and people who are close to or who support human and civil rights movements.

In the coming years, cyber criminals will continue to attack mobile devices in order to harm users. With Android devices especially, cyber criminals benefit from the large number of operating versions that are still active. Some of these do not have the latest security updates, which makes it easier for the criminals to gain access. Anyone using a smartphone without a current security update should be aware of the danger and take precautions to protect their personal data.

Print page Send link
G DATA CyberDefense
With holistic cyber defence services, G DATA CyberDefense makes you defensible against cybercrime. The renowned IT security company protects with AI technologies, endpoint protection, security monitoring and offers penetration tests, incident response and awareness training in order to secure companies in the best possible way.

G DATA CyberDefense AG supports its customers in every security situation. From the headquarters in Bochum, more than 550 employees ensure the digital security of companies, critical infrastructures such as hospitals or airports as well as millions of private users. With almost 40 years of expertise in malware analysis, G DATA has become a top player in the cybersecurity world and conducts research and software development exclusively in Germany. This also applies to service and support, which is available around the clock for customers all over the world. G DATA security solutions are available in more than 90 countries and have received numerous awards from independent test institutes.

 

Release text (4275 Characters)

Plain text Copy release text

Related

  • 28.02.2023
    G DATA Mobile Security Report: Attacks on smartphones every minute
  • 24.08.2022
    G DATA Mobile Security Report: Conflict in Ukraine causes decline in malicious Android apps

Contact

(3) Stefan Karpenstein
Stefan Karpenstein
Public Relations Manager

+49 234 9762 - 517
stefan.karpenstein@gdata.de

(. )

©
Measures Size
x
1200 x
600 x
x Loading
Direct download
Save to lightbox
SIGN UP
If you would like to receive our latest press releases automatically, just sign up for our mailing list here:

Mailing list

GTC
Privacy Policy
Imprint
Press contact
Vera Haake
Pressesprecherin/ Spokesperson

+49 234 9762 - 376
vera.haake@gdata.de