Cyber criminals localise threats stoking the chargeware wild-fire in Europe

Cyber criminals are tailoring Android malware depending on the location of the device in an attempt to stay one step ahead of the authorities across the globe.

Related: Android struggles under malware attack deluge, says Cisco

A report from Lookout, a mobile security firm, found different regulatory conditions in each region mean that malicious programs uploaded to the Google Play Store show a wide variation that is dependant on the region involved.

"When it comes to mobile malware, everything is now regionalised," Marc Rogers, Lookout's principal security researcher, told the BBC.

Europe, in particular, has seen changes due to the widespread use of security software on smartphones and fraudulent activity being targeted by industry groups meaning that cyber thieves have turned to a different type of malware – chargeware.

"Most of Europe is now a hostile environment for premium-rate malware," said Mr Rogers. "You can do it, but it is very difficult to monetise."

Chargeware is a type of software that attempts to trick consumers into paying for a service or app and it often masquerades as a pornography app that is unclear about how charges are passed on to the end user.

During 2013, 20 per cent of Lookout users encountered chargeware in the UK, whereas in Spain it was seen by 23 per cent, and in France the number was 13 per cent. Elsewhere, the number barely topped five per cent as other methods were used to pilfer information.

One European country where this isn’t the case is Russia, which straddles both Europe and Asia, due to the fact that most Android users in the country don’t get apps from the Google Play Store and as a result are targeted by malware. It should be noted that for the purposes of Lookout’s data, Russia is listed as an Asian country.

This has resulted in the encounter rate for malware hitting 63 per cent in Russia whereas for both the US and Europe the number has stayed at just four per cent.

In terms of the amount of malicious apps within the Google Play Store itself, RiskIQ released figures that showed the percentage of the total apps that are malicious has grown from 2.7 per cent in 2011 to 12.7 per cent in 2013. Part of this is down to the fact that the proportion of malicious mobile apps removed has decreased from 60 per cent in 2011 to 23 per cent in 2013.

Related: Malicious Android app and malware to top a million by end of 2013

A separate report earlier on in the year found that Google’s Android OS will play host to one million malicious apps by the end of 2013 and it goes to show the open nature of the OS is leaving users open to being infected.