Based on analysis by Cheetah Mobile Security Research Lab, mobile malware has been running rampant in India. India is now the second largest smartphone market in terms of active unique smartphone users. According to data collected by Cheetah Mobile, out of all the infected devices around the world, 17.8 percent are from India. Almost 45% of the infected phones are dealing with the following top 10 viruses. Here are the top 10 viruses affecting most Indian smartphone users in the first half year of 2016

Budget Android phones are very popular in India. Unfortunately, some of these mobile phones have been pre-loaded with viruses even before reaching to consumers. Based on information from Pornhub, a famous porn website, India stands at third place in terms of global porn viewership as of January 2016. Back in August 2015, the government of India ordered internet service providers (ISPs) to block access to 857 pornography websites, although the ban was partially lifted five days later, due to criticism over authorities’ decision.

It’s no surprise that porn website is one of the most popular channel for spreading malware. Users are tricked into downloading various apps related to porn while they are browsing these websites, which greatly increases the possibility of exposing their mobile device to infecting new viruses. In this ever-changing security landscape, some of these malware now focus on making profit via spreading deceptive advertising.

Below, Cheetah Mobile Security Research Lab summarizes several typical categories of these deceptive advertising viruses. These viruses keep producing pop-ups on users’ phones, which impacts user experience severely. The viruses also consume a lot of network traffic while they download unnecessary [and even harmful] apps in the background, without users’ knowledge.

Deceptive advertising can take many forms, therefore, users are affected differently. Here are a few scenarios users might experience deceptive advertising on their mobile devices:

Turning on or charging your phone

When users turn on or start charging their phones, the virus is prompted to display full-screen advertisement. Once you click on it, the virus will start downloading unnecessary apps or even malware’s to your phone.

Installing or uninstalling apps

When users install or uninstall apps, the virus will trigger pop-up ads disguised as return and close icon, so users have no choice but forced to click on the ad.

When an app is running

When user activates an app, this particular virus would pop up an ad which covers the entire interface, making it impossible to continue using the app.

Scenarios I, II and III

Exiting an app

When user exits an app and tries to return to the home screen, the virus would then pop up an ad, tricking the user into clicking and installing an unnecessary app.

Random pop-ups or permanent ads on the notification bar

The Google search box in the following screenshot is disguised by virus for tricking users into using the fake search box, so it can recommend users installing other apps.

Scenarios IV and V

Random app recommendations on the desktop

Some users might notice icons of new apps on their desktop that they didn’t downloaded themselves. If they click on the unknown icon, it will then activate the installation automatically [and the return/close button will be hidden so users can’t terminate the installations.] In fact, the APK’s have been downloaded by the virus, and the icons are aimed to trick users into installing unnecessary apps that leveraged deceptive advertising.

Random full-screen ads

Unwanted apps will be downloaded automatically after users click on these ads.

Scenarios VI and VII

According to Cheetah Mobile Security Research Lab, among the top 10 viruses infecting most phones in India, five are root trojans. Once these trojans manage to get into victims’ mobile phones, they will try to root the infected devices and embed the major behavior module into the systems. Antivirus tools must have root privilege to kill these trojans, so they typically live much longer than ordinary trojans. Root Trojans are also able to silently install other apps on users’ phones.

The lack of network security knowledge is the main reason mobile viruses are running rampant in India. Some users in India are still not completely aware of the damage mobile virus might bring to their mobile life, while many users aren’t familiar with removing these tricky viruses from their devices. Cheetah Mobile aspires to help promote awareness towards mobile security and ultimately help secure mobile devices in India.

About Cheetah Mobile Inc

Cheetah Mobile is a leading mobile internet company. The Company aims to provide the best apps for mobile users worldwide, while building a leading global mobile ad platform for advertisers. Cheetah Mobile had approximately 567 million global mobile monthly active users in September 2015. Its mission critical applications, including Clean Master, CM Security, Battery Doctor and Duba Anti-virus, help make the internet and mobile experience speedier, simpler, and safer for users worldwide. For more information, please visit Cheetah Mobile

Eros International Plc., leading global company in the Indian film entertainment industry, have announced that ErosNow, it’s digital over-the-top distribution service for Indian language entertainment, has enabled its ‘Watch Offline‘ feature on all Android devices for premium ErosNow subscribers at no additional charge. The service shall soon be available across all iOS devices as well.

Image Source - ErosNow
Image Source* – ErosNow

ErosNow’s Watch Offline capability introduces another feature to satisfy the on-the-go lifestyle of our ErosNow subscribers across 135 countries. The new feature allows ErosNow subscribers to watch films when they have limited internet connectivity or low bandwidth while using the entertainment service. As part of the Premium subscription service, subscribers can now download movies from the service to their device for immediate viewing offline for as little as Rs. 99 [$1.49] per month in India or $7.99 for international subscribers. To ensure the Watch Offline experience meets the demands of users, a choice of quality formats is available to expedite downloads and maintain the storage used for movies downloaded.

Commenting on the feature update, Rishika Lulla Singh, CEO, Eros Digital said

As consumers lifestyles evolve, they are constantly looking to access and consume entertainment on-the-go. ErosNow believes in exactly this concept – providing endless entertainment at consumer’s finger tips, anytime, anywhere. With Watch Offline, we have made our films more accessible to our subscribers who no longer require an ongoing internet feed to enjoy the extensive catalogue of films on ErosNow. We will also soon be rolling out the feature to Apple consumers, introducing the offline feature across all iOS platforms.

Watch Offline features

  • Unlimited playback of the titles downloaded to the device
  • Download quality options are High, Medium or Low Bandwidth
  • Storage management provided
  • Browse ErosNow or use other services on the device while downloading
  • My Downloads in ErosNow application displays titles available for offline playback
  • No internet connection required to watch titles in My Downloads
  • “Only download on Wi-Fi” option available in My Downloads
  • Manage downloads stored on device

The offline viewing feature is the latest product enhancement attracting users and subscribers to ErosNow. Additional in-app features include regular updates of the latest Hindi, Tamil and other Indian language titles; the ability to customize content by creating personal watch lists; video progression, allowing users to continue watching content from where they previously left off and multi-language subtitles. All features are available to users across the globe accessing the app via any device.

About ErosNow

ErosNow is Eros International Plc’s leading on-demand Bollywood and regional language entertainment network accessible anytime, anywhere, on most Internet-connected screen including mobile, web, and TV. ErosNow offers its 37 million plus registered users the promise of endless entertainment hosting one of the largest libraries of movies, as well as premium television shows, music videos and audio tracks, unmatched in quantity and quality. Product features such as offline viewing, high definition content, multi-language subtitles and high quality original drama series, differentiate the ErosNow entertainment offering. For more information, please visit ErosNow

Kuberplay, an SDK-based service, offers a solution for app developers to monetize their applications, retain users and enhance consumer experience by empowering mobile users who choose to watch videos, subscribe to services, install applications and participate in other types of advertisements.

India with around 300,000 app developers is the second largest Android developer community in the world and with the average mobile app usage in India growing by at least 131%, India has outpaced the global growth rate in app development.  App development has created about 75,000 direct jobs in India and has the potential to reach 600,000 over a period of time. However, monetization of app development remains a challenge. Over 70% of app developers close shop because of inability to monetize their apps.

Kuberplay will help app developers monetize their app, especially the customers who access only the free component of the app, desire the complete app but are unable to buy the app because they are expensive. The global purchase of in-app purchase is only 2%; through Kuberplay this can increase up to 10% helping them towards financially viable business models.  By integrating Kuberplay into their app the revenue of an App Developer in consumer premium space can increase by 25 to 30%.

Upal Pradhan, Founder and CEO, Kratos said

Kuberplay, will change the game for app developers, and this will be the impetus for an evolution in mobile app development.  The mobile has become a part of individual’s life management, and there is considerable development happening and possible through creation of new apps. We are happy to contribute towards this, as it will unleash the creativity and innovation, that earlier faced the challenge of monetization.

As a company, we have always been innovative in using our competencies in technology and our deep understanding of the mobile ecosystem to create platforms that provide a win- win scenario for all.  We are hoping for this to be a complete game changer for the mobile app ecosystem.

How Kuberplay Works

The developer integrates Kuberplay to his app and while customers are using the app, it will display a list of app download offers with a fixed gratification against each offer.

For e.g. If a customer is playing the free version of a game or listening to the free song of a movie app, then on downloading and installing an app from the Kuberplay’s offer wall, the customer will get virtual coins or give user access to the paid version of the game or one more premium song or film.

About Kratos

Kratos is a leading advertisement technology company for developing mobile ad serving platforms.They are teamed with a bunch of talented individuals with more than 35 years of combined experience in the space of mobile and ad technology. Kratos was established in 2013 by Upal Pradhan,the managing director. Kratos already boasts a history of 3 successful startups in mobile technology space and one in the entertainment space.They developed their own mobile ad serving platform in a record time-span of less than four months.This platform is highly scalable, and forms the foundation of their ad network. For more information, please visit Kratos

Cheetah Mobile, the leading mobile utility provider have announced findings on top apps across different categories that generate the most data on Android phones. The findings were based on the company’s flagship application, Clean Master, data gathering from India where Cheetah Mobile is ranked the second largest application developer [behind Facebook]. Popular applications including Flipkart, PicsArt, Facebook and UC Browser have been identified for creating the maximum junk files in their respective categories.

In India in 2015, Clean Master had an install base of roughly 20 million devices, with the highest number of downloads in Android 4.4. It was used 81,000,000 times to clean a total of 128PB junk files.

The above chart demonstrates the percentage of different Android versions which have been loaded with Clean Master. As can be seen, Android 4.4 accounts for 46%, which is about half of the total number. Android 5.0 and 5.1 rank the second and third. While Android 6.0 only makes up 2%.

  • The overall number of times cleaned in India 2015 – 81,000,000
  • The total size of junk files being cleaned – 128 PB
  • Daily cleaning times – 2,000,000 times
  • Daily cleaning size – 300,000 GB

As depicted in the chart below, videos, photography and tools are the top three app categories that created the most data.

Top app categories generating the most data

The data by Clean Master indicates tools, social apps and video apps as the top three categories that have been cleaned most times.

Top categories that create the most junk files

Top app categories by number of times cleaned

Tools, social apps and video apps are the three categories that have been cleaned for most times.

Top apps generating the most data files in every category:

Videos [pre-installed video apps excluded]

The top two video apps generating the most data are TubeMate and MX Player, both of which are mainly used to download videos.

Photography [pre-installed photo apps excluded]

PicsArt and BeautyPlus are the top two photography apps which generating the most data.

Tools [pre-installed tool apps excluded]

Among the top 10 tool apps generating the most data files, there are three file transferring tools, two security apps, and two app lockers. Most of the junks created by transferring tools are installation packages.

Social apps [pre-installed social apps excluded]

Facebook generates the most among all social apps, and the main data it creates are system caches, which also applies to Instagram and WhatsApp.

Browsers [pre-installed browsers excluded]

The UC Browser family generates the most data here on user devices.

Games

Clash of Clans generates the most data among all mobile games, followed by Pirate Kings. Most data created by the games exist in system storage.

Shopping apps

Flipkart and Paytm generate the most data among all shopping apps. And the former creates about
three times more data than the latter.

[The above data is based on Clean Master’s data gathering and applies only to India]

Truecaller introduced the most intelligent way to communicate by integrating new features to revolutionize the way people make and take calls: Smart Call History, Availability and a brand new dialer.

Making your communication safer and more delightful, by giving you more information about those you communicate with, is core to Truecaller’s mission. With the integration of the new features, Truecaller becomes an essential app for anyone looking to have more control over their incoming and outgoing calls.

Integrated new features

  • Smart Call History replaces unknown numbers with real names and faces in your call history, even for numbers that are not saved in your contacts. Now you don’t need to save contacts to your phone-book.
  • Availability shows you if your friends and contacts are free to talk before you call.  Now you’ll never get a busy signal or interrupt someone again.
  • Built-in dialer allows you to make all your calls directly with Truecaller.

Alan Mamedi, Truecaller Co-Founder & CEO said

Truecaller has become a necessity for hundreds of millions of people in their daily communication by always knowing who’s calling them and protecting them against spam calls. We are now taking this to the next level by changing the way people make phone calls with our integrated dialer and adding more context to your contacts that has never been seen before. Now, you can completely replace your existing dialer and only use Truecaller for all your calls. We are also very pleased to see our OEM partners being so supportive of our mission.

In 2014, Truecaller launched Truedialer to bring similar improvements to the dialer, which had not evolved since the introduction of the smartphone. After overwhelming demand from users, Truecaller are now bringing many of the great features from Truedialer and integrating them into Truecaller, giving you full control your entire calling experience with just one app.

The latest update will begin rolling out to users on Android and will reach all users in the coming weeks. Existing Truedialer users will be gradually upgraded to the new Truecaller experience.

Truecaller unveiled TrueSDK which enables third party apps to easily on-board users with their Truecaller profile and their Truecaller verified phone number. This service can be used by developers to sign up, update a user’s information or purely verify the user’s phone number based identity in their mobile apps through user consent. Available to registered third party apps & currently Android only, this feature is launched with 12 partners who have on-boarded to simplify the app on-boarding and user verification process. Some of our esteemed partners include India’s popular apps namely Quikr, Mobikwik, redBus, CarDekho, BharatMatrimony, ixigo, OYO Rooms, TO THE NEW Digital, FreshMenu, Terraa, Cash CareShopClues

Nami Zarringhalam, Chief Strategy Officer & Co-founder of Truecaller said

At Truecaller, our mission has always been to provide as much information as possible to users about their calls and enabling them to use that information in meaningful ways. In this process, we realized the power and importance of a mobile number, especially when it comes to personal identification. Our aim is to empower third party apps with a credible verification option and enable users to use the app of their choice by making their phone numbers their identity.

TrueSDK helps both the users to quickly use their credentials that are already verified with Truecaller to easily engage with 3rd party apps of their choice.

[L-R] Kari Krishnamurthy – VP Growth & Partnerships Asia and Country Manager Truecaller, Nami Zarringhalam – Co founder and CSO Truecaller, Priyam Bose – Director Worldwide Dev

Commenting on the newly launched platform, Priyam Bose, Director Worldwide Developer Relations at Truecaller said

Phone numbers are quickly becoming the primary personal identity to verify users in the global mobile arena. App Developers are looking for ways to minimize friction in user on-boarding & engagement flows. TrueSDK gives developers an opportunity to fulfill these needs and overtime bridge offline and online identity gap. Instead of having every app developer build and maintain their own systems, they can now use TrueSDK and instead focus more on their core aspects of their app led offering.

Offering’s of TrueSDK

  • Phone number based on-boarding and verification
  • Free to use and no verification cost for existing Truecaller users
  • Significantly reduces friction in user on boarding
  • Permission based flow
  • Light weight client side SDK and minimal changes needed on developer’s back-end

Anurag Saran, CPO-Chief Product Officer, Quikr added

As one of India’s most trusted brands, security of consumers while transacting on our platform is crucial. Truecaller has a large existing community and the integration of TrueSDK on our mobile app reduces friction for mobile number verification. This gives our consumers an added layer of convenience and security.

Bipin Preet Singh, Founder & CEO-Mobikwik said

At Mobikwik, we’re taking every step keeping customer experience at the centre of focus. By integrating TrueSDK from Truecaller, we look forward to solve many challenges in one shot in our app. Our users while signing up on Mobikwik now will have an auto fill mechanism with their Truecaller verified phone number. Verified phone number based user on-boarding will significantly reduce friction in the user journey and minimise drop-off’s which could be a key in the entire consumer engagement life-cycle.

More reactions from TrueSDK partners

ShopClues is one of the first in the industry to move to the use of verified phone numbers for user registration on our app by tying up with TrueSDK from Truecaller. ShopClues is committed to making the user journey as smooth and seamless as possible. By using Truecaller verified phone number-led credentials we are ensuring that the customers’ propensity to on-board with us is enhanced.

Sanjay Sethi, CEO & Co-founder, ShopClues

By integrating our app with a solution such as the TrueSDK we are solving many problems at one go. Users will no longer need to fill in information manually with the auto-fill option. By auto filling their contact credentials we will be able to considerably reduce friction in user journey. Additionally, owing to the vast user community of Truecaller we will have ready access to a bank of verified phone numbers making the process much simpler and safer.  Going forward, we consider this to be a big step in enhancing our in-app experience.

Rajnish Kumar, Co-founder & Chief Technology Officer (CTO), ixigo

TrueSDK is the first major product to offer verified phone number based sign up/login feature. For OYO Rooms, where we are mobile first and use phone number for user account creation, this really helps in reducing customer friction in signing up. With Truecaller’s large user base, we hope this feature will benefit a large number of our users.

Anurag Gaggar, VP, Products, OYO Rooms

We are pretty excited to partner with Truecaller which has an extensive customer base with verified phone numbers. Personalization on a fast-growing growing channel mobile is key to our success and we strongly believe that this partnership will help us ease the process of signup which is a pre-requisite to our personalization efforts

Krishnan Ramaswami, Head of Products, Analytics and Acquisition Marketing- redBus

CarDekho believes in making our user’s experience seamless and frictionless. The potential of integrating with Truecaller promises authentic details without making users fill forms or enter OTP for verification. We are certain such innovative solutions will be accepted enthusiastically by consumers.

Rahul Yadav, Director-Products, CarDekho

All our profiles carry a verified phone number. The TrueSDK helps the Truecaller user to verify the phone number but also auto fill personal details while registering for Bharat Matrimony App for a seamless experience.

R Chandrasekar, Chief Technology Officer and Information Officer, BharatMatrimony

We are excited to partner with Truecaller on TrueSDK integration with our TV Everywhere and OTT Video platform apps ‘Video-ready’. The True SDK is a revolutionary concept for Video applications as it aids in significant improvements to User Experience by enabling a seamless and verified phone number based authentication process as well as allowing applications to understand the user journey in much more detail and useful ways. The same data can be used in aiding to multiple experiences across personalised content and user engagement.

Dave Mann, EVP-Video Solutions, TO THE NEW Digital

TrueSDK is currently only available for selected partners on Android platform, but will be open to public in near future. To sign up for TrueSDK contact truesdk@truecaller.com with your app details.

Cheetah Mobile, the world’s leading mobile utility provider committed to providing a safer, faster and simpler mobile internet experience, announced findings from its latest global mobile security report focused on Android devices.

The report details the growth of viruses, phishing sites, malware’s, infected devices across major markets [including India], data leakages, and rounds out with security predictions for 2016. The Company’s annual security report is cumulative data based on 567 million global monthly active users and an overall install base of almost two billion users using Cheetah Mobile’s utility applications on their devices.

Key trends in mobile security for 2015

Android viruses rose sharply

The number of Android viruses exceeded 9.5 million, which is larger than twice the total number in the past three years. Compared with 2014’s 2.8million, the growth rate of 2015 is over 22%.

Root Trojans soared in 2015

As it gains system-level privilege, Root Trojans can take complete control of the device and are very hard to remove.

Mobile payments have been targeted by viruses

With the popularization of mobile payment, the number of malware’s targeting mobile banking has increased rapidly.

Data leakage caused great damage

Thousands of companies and hundreds of millions of users have been affected by information leaks in 2015.

Android vulnerabilities emerge one after another

From the Stage fright vulnerability which affected 95% Android devices to the wormhole compromising millions, it seemed like Android vulnerabilities would never end.

China, India and Indonesia were the three most severely afflicted countries. Apart from large Android user bases, another reason of these countries becoming the worst-hit ones is that third-party app markets are prevailing in these areas, and most of these third-party app markets have been contaminated by malware’s due to the weak monitoring of third-party app markets.

Biggest Data Leaks

  • Anthem: 80 million customers’ and employees’ personal information
  • OPM: About 27 million employees’ and applicants’ personal information
  • Ashley Madison: 37 million users’ personal information
  • Hacking Team: 400 GB of data was leaked and scattered on the internet

The graph above represents the number of unique infections detected across all devices that Cheetah Mobile is present on in that market. This number doesn’t represent the total number of devices that Cheetah Mobile’s applications are installed on in that particular country but only the individual devices that were infected over the span of 2015.

In the graphs below, one each for China, the United States & India, the numbers showcase the number of infections overall. The data here means that a single device could have multiple infections multiple times over the course of a year.

Total infections in India: 11,170,960

Total infections in China: 10,461,684

Total infections in America: 9,007,913

Here’s an image depicting the Trojans causing the most infections among devices in India

A Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves & hackers trying to gain access to users’ systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems.

The manner in which they behave differs – some hides in users’ mobile devices to steal text messages, contact information, location data, and even personal photos. Others, like Ghost Push, obtains root access to the affected device and installs more malicious apps and a never ending stream of ads.

Mobile Security Predictions for 2016

  • New security features in Android 5.0 Lollipop and its successors are expected to make Android phones more secure.
  • As Google Play is available in China, Chinese app markets are expected to become more standardized and secure.
  • More effective steps will be taken by Google to enhance Android security in 2016.
  • Globally, mobile payment methods will be attacked more frequently.

For more in-depth data on the state of Mobile Security in 2015, you can refer the detailed report released by Cheetah Mobile

[Image Credit* – Cheetah Mobile]

Increasing use of banking apps on smartphone are set to cause nightmare to consumers and financial institution as per the predictions for 2016 by Trend Micro. Reports say that 3 in 4 apps in India are malicious. Irrespective of the slow adoption rate of mobile payment apps, the introduction of next generation mobile payment systems will inspire a renewed interest for threat actors to carry out real-world testing to steal information from new payment processing technologies like EMV credit cards, contactless RFID credit cards, and mobile wallets like Apple Pay and Google Wallet.

trend-micro-logo

In 2016, the improved security brought by these modes of payment will be challenged by online criminals. Google, on the other hand, released a report that says less than 1% of apps found in Android devices are potentially harmful. Based on the data gathered by Trend Micro as predictions for 2016, this distinction stands, showing that 13% of apps found in Play Store are found to be malicious while Google Play only registered 0.16% malicious apps. This will not be felt in other countries where users typically turn to official app stores for their apps.

Mobile malware will also continue to affect users in India due to the availability of third-party platforms and channels that offer free app downloads. Google Play, for example, is available in India, but reaches only 21 million of the estimated 800 million Chinese mobile users. Given this user behavior, there is no stopping the exponential growth of mobile malware at a rate that’s projected to reach the 20 million mark by the end of 2016.

Online threats will evolve to rely more on mastering the psychology behind each scheme than mastering the technical aspects of the operation. Attackers will continue to use fear as its main tool, as it has proven to be effective in the past.

About Trend Micro

Trend Micro Incorporated, a global leader in security software, strives to make the world safe for exchanging digital information. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. Their solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™ infrastructure & are supported by more than 1,200 threat experts around the globe.  For more information, visit TrendMicro