Click here to close now.

Welcome!

News Feed Item

Lookout Report Finds 10 Organizations Behind 60% of Russian Toll Fraud Malware

The security researchers at Lookout, the leader in security technology, will share the findings of an investigation into Russian mobile malware today at the Def Con Hacking Conference in Las Vegas, Nevada. Lookout also released an in-depth report on the research: Dragon Lady: An Investigation Into the Industry Behind the Majority of Russian Malware.

In the report, Lookout investigates 10 Russian-based organizations, uncovering that the mobile malware industry in Russia has become highly organized and profitable. These malware businesses develop more than 60 percent of all Russian malware and have thousands of individual affiliate marketers and web properties advertising their malware.

Within the industry, Lookout identified distinct malware development and distribution businesses (i.e., Malware Headquarters) that have created online do-it-yourself (DIY) malware platforms so that just about anyone can distribute and profit from malware – no prior coding or technical experience required. The Russian Malware Headquarters leverage a large and highly motivated workforce of affiliates, who earn a share of the profit by marketing and distributing the malware. Affiliates use the malware platform to configure their own customizable, “Easy-Bake” malware applications. Lookout has evidence of the affiliates making up to $12,000 per month. Malware Headquarters handle the production tasks such as releasing new Android code and configurations every two weeks, malware hosting, shortcode registration, and marketing campaign management tools. Like any other large business, Malware Headquarters provide customer support, post regular newsletters, report downtime or new features, and even run regular contests to keep their affiliates engaged and motivated.

The malicious activity of choice for these organizations is toll fraud — malware designed to secretly make charges to a victim’s phone bill via premium SMS messages, often while providing nothing of value in return. The affiliates can customize their toll fraud malware so that it looks like the latest Angry Birds game or Skype app in order to lure in a potential victim. Affiliates then receive a link to their custom malware that they can distribute as they see fit; common distribution points include social media sites like Twitter. Lookout reviewed 250,000 unique Twitter handles and, of those, nearly 50,000 linked directly to these toll fraud campaigns. The victim of the scheme is usually a Russian speaking Android user looking for free apps, games, MP3s or pornography. The victim may have been using search engine or click through links in Tweets or mobile ads, then unwittingly download the malicious app which secretly adds a premium SMS charge to their phone bill.

Lookout has been actively tracking SMS fraud since the first example was found in the wild in August 2010. Over time, this specific collection of malware samples, which primarily targeted Russian users with toll fraud, became the largest percentage of Lookout’s total Android malware collection. More than 50% of Lookout’s total malware detections in the wild for the first half of 2013 were Russian-based toll fraud.

Over the past three years, Lookout collected a dataset of the Russian SMS fraud malware, which they’ve classified into individual groups or “families” based on similarities in code and key features. This dataset — when merged with Lookout’s threat intelligence dataset of malicious links, domains and social media accounts — gives the full context on the issue at hand. This in turn allowed Lookout to track individual malware families back to the responsible affiliates and Malware Headquarters. Creating more connections in the dataset allows Lookout to more closely track malware families in the future.

See the full report: Dragon Lady: An Investigation Into the Industry Behind the Majority of Russian Malware. For more information on Lookout, visit www.lookout.com.

About Lookout

Lookout builds security software that protects people, businesses and networks from mobile threats. Lookout created the world’s largest mobile threat dataset, and the power of 40 million devices proactively prevent fraud, protect data and defend privacy on personal and business devices, and networks. Lookout’s flagship consumer product, Lookout Mobile Security is available for Android, iOS and Kindle, and received the 2013 Laptop Editors’ Choice Award. A 2013 World Economic Forum Technology Pioneer company, Lookout has offices in San Francisco and London. For more information, please visit www.lookout.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
"AgilData is the next generation of dbShards. It just adds a whole bunch more functionality to improve the developer experience," noted Dan Lynn, CEO of AgilData, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
The basic integration architecture, as defined by ESBs, hasn’t changed for more than a decade. Most cloud integration providers still rely on an ESB architecture and their proprietary connectors. As a result, enterprise integration projects suffer from constraints of availability and reliability of these connectors that are not re-usable across other integration vendors. However, the rapid adoption of APIs and almost ubiquitous availability of APIs amongst most SaaS and Cloud applications are ra...
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company helps mid-market firms built on IBM hardware platforms to deploy new levels of reliable and cost-effective computing and hig...
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the ...
"We help to transform an organization and their operations and make them more efficient, more agile, and more nimble to move into the cloud or to move between cloud providers and create an agnostic tool set," noted Jeremy Steinert, DevOps Services Practice Lead at WSM International, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
The most often asked question post-DevOps introduction is: “How do I get started?” There’s plenty of information on why DevOps is valid and important, but many managers still struggle with simple basics for how to initiate a DevOps program in their business. They struggle with issues related to current organizational inertia, the lack of experience on Continuous Integration/Delivery, understanding where DevOps will affect revenue and budget, etc. In their session at DevOps Summit, JP Morgenthal...
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding bu...
One of the hottest areas in cloud right now is DRaaS and related offerings. In his session at 16th Cloud Expo, Dale Levesque, Disaster Recovery Product Manager with Windstream's Cloud and Data Center Marketing team, will discuss the benefits of the cloud model, which far outweigh the traditional approach, and how enterprises need to ensure that their needs are properly being met.
The time is ripe for high speed resilient software defined storage solutions with unlimited scalability. ISS has been working with the leading open source projects and developed a commercial high performance solution that is able to grow forever without performance limitations. In his session at Cloud Expo, Alex Gorbachev, President of Intelligent Systems Services Inc., shared foundation principles of Ceph architecture, as well as the design to deliver this storage to traditional SAN storage co...
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises ar...
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction. ...
Discussions about cloud computing are evolving into discussions about enterprise IT in general. As enterprises increasingly migrate toward their own unique clouds, new issues such as the use of containers and microservices emerge to keep things interesting. In this Power Panel at 16th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the state of cloud computing today, and what enterprise IT professionals need to know about how the latest topics and trends affect t...
"We provide a web application framework for building really sophisticated web applications that run on a browser without any installation need so we get used for biotech, defense, and banking applications," noted Charles Kendrick, CTO and Chief Architect at Isomorphic Software, in this SYS-CON.tv interview at @DevOpsSummit (http://DevOpsSummit.SYS-CON.com), held June 9-11, 2015, at the Javits Center in New York
It is one thing to build single industrial IoT applications, but what will it take to build the Smart Cities and truly society-changing applications of the future? The technology won’t be the problem, it will be the number of parties that need to work together and be aligned in their motivation to succeed. In his session at @ThingsExpo, Jason Mondanaro, Director, Product Management at Metanga, discussed how you can plan to cooperate, partner, and form lasting all-star teams to change the world...
In the midst of the widespread popularity and adoption of cloud computing, it seems like everything is being offered “as a Service” these days: Infrastructure? Check. Platform? You bet. Software? Absolutely. Toaster? It’s only a matter of time. With service providers positioning vastly differing offerings under a generic “cloud” umbrella, it’s all too easy to get confused about what’s actually being offered. In his session at 16th Cloud Expo, Kevin Hazard, Director of Digital Content for SoftL...