Highly organized Russian groups have transformed mobile hacking into an industrial-scale business, a kind of "malware-as-a-service," complete with marketing affiliates, distributors and customer support. Ten such criminal enterprises are responsible for more than 60 percent of all Russian malware, and for millions of dollars in fraudulent SMS toll charges against end users' phone bills.
The details of the extent and sophistication of Russian malware, most of it so far targeted against Russian-speaking Android phone users, are the result of a six-month-long investigation called Operation Dragon Lady by Lookout, a mobile security firm based in San Francisco. The company markets and sells security and antivirus apps to Android and iOS users and to business clients, to combat the same kind of problem uncovered by its investigation. Lookout researchers combined the results of Dragon Lady with three years of data collection on malware patterns in Russia.
Lookout researchers presented the results last weekend at the DefCon Hacking Conference in Las Vegas. The full report is now online.
Malware as a business
Together, the two data sources reveal the existence of sophisticated networks treating malware as a business. At the top are what Lookout calls "Malware Headquarters," which create do-it-yourself malware platforms, and then market and support these like any legitimate software vendor. The headquarters keep an aggressive schedule, releasing new Android code and configurations every two weeks; handle an array of administrative chores such as malware hosting and SMS shortcode registration; and offer malware campaign management tools. They also invest in extensive customer support, issue newsletters, and alert customers to downtime and new features. According to Lookout, they even run contests to keep their customers' interest high.