Cheetah Mobile June Threat Report: Global Rise in Android Banking and Payment Malware

Jul 9, 2014

SAN FRANCISCO, July 9, 2014 /PRNewswire/-- Cheetah Mobile Inc. (NYSE: CMCM), a leading mobile Internet company that provides mission critical applications to help make the Internet and mobile experience speedier, simpler, and safer for users worldwide, today announced its June threat report, available here.

According to the report, mobile banking and mobile payment malware – malicious software that can extort money from users by hijacking personal information and spoofing bank sites or apps to trick victims into sharing personal data – rose in the month of June. The number of infected mobile devices worldwide, as well as the number of malware variants targeting the Android platform , increased in June at a high speed.

Highlights from the report include:

  • Between May 16 to June 15, the number of daily Android users infected by mobile payment malware increased from over 11,000 users to nearly 17,000 users.
  • Throughout the month of June, more than 100 countries have been infected by mobile payment malware. Vietnam (61,366 infected users), Russia (20,476 infected users), and Taiwan (19,667 infected users) are among the worst infected countries.
  • In the United States, researchers saw an increase in infection rates as well: 1311 infected users in March 2014 to 1854 in June 2014.

The four most prevalent threats tracked in June by Cheetah Mobile were:

  • Simplelocker, an evolved form of Cryptolocker, and the first malware found to be able to successfully encrypt data. Currently, there are 40 known variants of Simplelockers, with Russia (6330 infected users), United States (2520 infected users), and Ukraine (2280 infected users) among the most infected countries.
  • Android.Trojan.fubus and Android.Trojan.Fakeinst appeared on the scene in June. These Trojans for Android devices make stealth mobile payments, access the Android device manager, commit SMS fraud, steal mobile data, contact premium rate numbers, and download malware apps on the victim's devices.
  • The "Express Delivery" malware targeted mainly Taiwan users, infecting around 20,000 users. Throughout June, this malware has split into 35 variants.
  • The "Korean BankKiller" malware, which is estimated to infect around 4,000 Korean Android users a day. 

Mobile payment malware can severely impact user device and compromise personal data. The Cheetah Mobile team is consistently monitoring these fast-moving threats and responding immediately through product updates so users receive real-time protection.

The latest CM Security app updates include:

-  CM Simplelocker Cleaner, which eliminates the Simplelocker malware and releases user data.

-  CM Stubborn Trojan Killer, which removes Trojans that make malicious payments without user consent

The full report is available:

Download Clean Master and CM Security for free in Google Play.

Follow us on Facebook

Follow us on Twitter @cheetahGlobal

About Cheetah Mobile

Cheetah Mobile is a leading mobile Internet company with approximately 362 million monthly active users as of March 2014. Its mission critical applications, including Clean Master, CM Security, Battery Doctor and Photo Grid, help make the Internet and mobile experience speedier, simpler, and safer for users worldwide. Cheetah Mobile's Clean Master app is the #1 mobile app in the Google Play Tools category worldwide by monthly downloads, according to App Annie.

The Company also provides various platform products such as, Cheetah Browser, game centers, and mobile app stores to provide multiple user traffic entry points and global content distribution channels for its business partners.

SOURCE Cheetah Mobile Inc.

For further information: Natascha French,, 310.496.4437