As in previous months, in May Doctor Web security researchers continued to carefully analyse statistics obtained with Dr.Web for Android. The collected data showed that about seven million instances of unwanted, malicious and potentially dangerous programs were discovered on protected devices—this figure is similar to the previous month’s results.
From May 1-31, Dr.Web for Android detected 7,005,453 incidents, and, as before, of those threats discovered, various profit-generating advertising modules, embedded by software developers into their products, were found in the greatest abundance. Adware.Leadbolt advertising modules accounted for 9.81% of the incidents; Adware.Airpush ranked second with 9.06%; and Adware.Revmob modules ranked third.
Discovered on 3.36% of the devices involved in the incidents, Android.SmsBot.120.originwas May 2014’s most common malicious program for Android. Android.Backdoor.69.origin ranked second with 2.71%, andAndroid.SmsBot.105.origin (1.89%) ranked third. The ten most common Android Trojans detected by Dr.Web anti-virus software in May are listed in the following table:
| ? | Threat name | % |
|---|---|---|
| 1 | Android.SmsBot.120.origin | 3,36 |
| 2 | Android.Backdoor.69.origin | 2,71 |
| 3 | Android.SmsBot.105.origin | 1,89 |
| 4 | Android.SmsSend.685.origin | 1,37 |
| 5 | Android.SmsBot.122.origin | 1,21 |
| 6 | Android.SmsSend.1215.origin | 0,96 |
| 7 | Android.SmsSend.315.origin | 0,91 |
| 8 | Android.Spy.83.origin | 0,91 |
| 9 | Android.SmsSend.859.origin | 0,88 |
| 10 | Android.SmsSend.991.origin | 0,86 |
The Security Auditor (a special component that exposes operating system vulnerabilities) revealed 995,966 vulnerabilities on protected devices. You may recall that Dr.Web for Android detects several types of vulnerabilities:
- Master Key is a flaw in Android security routines that enables the installation of unsigned applications from packages containing files with identical names.
- Extra Field and the Name Length Field are vulnerabilities that allow intruders to embed into modified apk packages malicious code that will bypass automatic security verification during installation.
Doctor Web's security researchers will continue to monitor the security situation and keep users informed about all the developments.
Doctor Web is the Russian developer of Dr.Web anti-virus software. We have been developing our products since 1992. The company is a key player on the Russian market for software that meets the fundamental need of any business — information security. Doctor Web is one of the few anti-virus vendors in the world to have its own technologies to detect and cure malware. Our anti-virus protection system allows the information systems of our customers to be protected from any threats, even those still unknown. Doctor Web was the first company to offer an anti-virus as a service and, to this day, is still the undisputed Russian market leader in Internet security services for service providers. Doctor Web has received state certificates and awards; our satisfied customers spanning the globe are clear evidence of the high quality of the products created by our talented Russian programmers.
