Fortinet’s FortiGuard Labs reports a 30 percent increase in Mobile Malware in the last six months; seeing 1300 new samples per day

Fortinet a world leader in high-performance network security announced the findings of its FortiGuard threat landscape research for the period of January 1 − July 31, 2013.

FortiGuard Labs observed a 30 percent increase in mobile malware in the labs over the last six months. The team is now seeing more than 1,300 new samples per day, is currently tracking over 300 unique Android malware families and over 250,000 unique malicious Android samples.

The Bring Your Own Device (BYOD) phenomenon has many benefits for a business, chief among them are increased employee efficiency and productivity gains. However, the disadvantage of a lenient BYOD policy is the threat of mobile malware infecting the user’s device and, subsequently, the business network.

In 2013, the mobile threat landscape changed dramatically. Wide scale manufacturer adoption of Google’s Android OS globally has led to an explosion of smartphones in the marketplace. Android devices are available in every market, at price levels from the incredibly inexpensive to feature-rich, cutting edge computing monsters. Coupled with the explosion of available applications to extend device functionality, cybercriminals and other nefarious types have used this platform as a new business opportunity.

Even though we’ve seen recent patches for Ruby on Rails, Java, Adobe Acrobat and Apache, FortiGuard Labs is finding attackers are still exploiting those old vulnerabilities.  In January, it was announced that a critical vulnerability in the Ruby on Rails Framework could allow a remote attacker to execute code on the underlying Web server. A zero-day exploit that was able to bypass Java’s sandbox and run arbitrary Java code was discovered. In February, a PDF pretending to be a travel visa form from Turkey was detected circulating in the wild and took advantage of a previously unseen vulnerability in Adobe’s Reader software. The exploit worked with all recent versions of Adobe Reader (9.5.X, 10.1.X, and 11.0.X), and on most versions of Microsoft Windows, including 64-bit Windows 7 and most Mac OS X systems. In late April, a new attack on the popular Apache Web server was discovered. Dubbed CDorked, the malware was able to compromise the Web server and redirect visitors of the compromised Web server to other servers that deliver malware using the BlackHole exploit kit. The attack may also have targeted the Lighttpd and Nginx Web server platforms.