The sprawling mobile devices marketplace has spawned an industrialised mobile financial fraud plexus that today drives increasingly sophisticated criminal technical innovation to exploit the mobile devices explosion.
And it is funded by increasing revenues derived from potent new developments in mobile malware, a new APWG report concludes.
In a "post-PC" era, mobile devices increasingly present an attractive, practical and economical alternative to traditional desktops. In the coming years, global mobile payments are predicted to exceed $1.3 trillion (€1 trillion), moreover, presenting a mother load of opportunity for cybercrime gangs who appreciate the vulnerabilities of these peripatetic communications and computing platforms, the APWG's analysis reports.
Arresting and rolling back the successes of the mobile financial fraud marketplace requires a global response based on cooperation, education and awareness, according to the APWG in the new industry advisory whitepaper, Mobile Threats and the Underground Marketplace.
APWG Mobile Fraud Research Coordinator Jart Armin said, "On one hand we can see just one example of a major European bank that in early 2012 had 100,000 mobile banking users, and by April 2013, 4 million. In contrast, there were around 50 generally known samples of mobile malware in 2010, rising in 2013 to some 30,000 samples."
This latest paper from the APWG provides a rhetorical approach towards mobile crimeware and the intrusion supply chain's structure and examines subjects in depth from a practitioner's perspective.
Key points that illustrate the potential for growth of an established underground malware market include 5.6 million potentially-malicious files reported on Android (APK, dyn-calls, checks-GPS, etc.), of which 1.3 million are confirmed malicious by multiple AV vendors.
Mobile payments are on track to top $1.3 trillion in 2015, attracting intense criminal interest.
The report estimates that there will be more than 2 billion mobile devices by 2015. China, as an example, now has 564 million internet users; 75% are mobile
"Mobile fraud we can clearly state has become an industrialized process, although globally we show currently some countries are more at risk than others. This APWG white paper helps to demonstrate the existence of such an industry and how it operates through stealthy intrusion and a crimeware supply chain," Armin concludes.