Predictions 2019: "The era of simple Android malware is over"


Whether on smartphones, desktop computers, crypto currencies or websites - IT security is becoming increasingly important for end-users. We give an outlook on the most important trends for the year 2019.

Colourful packaging is not only available for Christmas - but also used by malware throughout the year. Android Malware becomes more sophisticated users, and online banking is also tricky. Our Security Predictions for 2019 give an overview of the biggest threats for customers.

The malware ecosystem relies on colorful packaging


According to the G DATA experts, a trend from the past years will increase significantly: "Criminals will pack their malware in ever new forms and try to protect their development from being discovered by antivirus solutions", says Thomas Siebert, Head of Protection Technologies at G DATA. "We are using our new AI technology DeepRay to protect users against these threats.”


Criminals usually shy away from the expense of developing new Malware-strains from scratch. Instead, malware is programmed once and then repackaged over and over again. Encryption technologies or so-called packers are used for this purpose. The packers work similar to Winzip on the computer - but are specially adapted to the needs of criminals. DeepRay can look through the packaging and detect malware quickly and efficiently.

Criminals quickly exploit new technologies to their advantage


The experience of the past years shows that new web technologies and standards are usually quickly exploited by criminals if they can increase their own profit. In 2018, this was primarily web assembly, a web standard that allows machine code (assembler) to be executed in the browser and thus offers enormous performance advantages over conventional technologies such as JavaScript.

Damages in online banking increase

The security precautions in online banking have been successively increased in recent years. Criminals have to invest a lot of time and effort in order to successfully carry out attacks. This is why the experts at G DATA SecurityLabs expect fewer attacks overall, but they are becoming much more targeted. As a result, the individual damages incurred by users are going to increase.  The attackers do not only rely on malware, though.


For example, SIM cards are still being fraudulently copied or multi-sim cards ordered to incorrect addresses without the user's knowledge. In this way, seemingly legitimate transfers can be made with the help of compromised accesses.

GDPR: Consumers will learn more about data leaks


The issue of data protection and the handling of data by companies will change in the coming years as a result of the Genereal Data Protection Regulation (GDPR). After 2018 was marked by uncertainties and fears regarding the new rules, users will find out from 2019 what the changes mean in practice.


Information on data protection problems will appear more frequently, for example after a hack or data leak. And companies that do not take their disclosure obligations seriously will face significant fines in the future. The chat provider Knuddels had to pay a fine of 20,000 euros in 2018 because the provider's systems were not adequately secured. The data protection authorities attested to the company's good cooperation and exemplary handling of the incident - otherwise the fine would have been significantly higher.


"We expect that the new penalties will lead to a better understanding among users. It is important to many customers that companies handle entrusted data carefully. The EU GDPR can help to strengthen this awareness," says Tim Berghoff, Security Evangelist at G DATA.


The ePrivacy Regulation, which is currently in the legislation stage, is likely to provide for even more discussion in the coming years. Depending on which viewpoint prevails, data collection on websites, for example, could be significantly restricted. The EU Parliament and the Council of the European Union have partly opposing views on this issue. The trilogue procedure between the European institutions, which will presumably begin next year, will show whether users will have to agree to each survey using the opt-in procedure.

Smartphone: "The time of simple Android malware is over".


Even if the mobile operating system Android from Google is generally considered to be the less secure alternative to iOS from Apple, a lot has happened in the area of security at Android in recent years. Improvements at the operating system level itself and in Google's Play Store mean that malware authors will have to work harder in the future to get their malware onto users' devices. Smartphone manufacturers are also by "Project Treble" and stricter contracts to ensure a better supply of the devices with security updates.

“The time of simple Android malware is passing," says Alexander Burris, Lead Mobile Researcher at G DATA. "In the area of mobile malware, we are currently observing a development similar to that of the desktop PC about ten years ago. All in all, a clear professionalization of the scene is to be expected, malware will also become a commodity on mobile operating systems.


It is clear that smartphone users are a sought-after target for cyber criminals. This is because the entire digital life of the user now takes place on the devices. Many users use the devices not only to manage their e-mails, but also their finances. The figures from the G DATA Mobile Malware Report also show that the smartphone is a lucrative target: every 7 seconds a new malicious application is created.

5G is on everyone's lips, but will not play a role in 2019 yet


5G is currently a hot topic in the mobile phone industry. And even if the new mobile communications standard brings important changes in infrastructure and IT security, it will not yet play a major role for users in 2019. Broad availability is not expected until 2020. If you are currently worried about the security of your telephone calls, it would be best to select the "LTE only" option for your mobile phone - if the network operator's coverage allows this. Alternatively, encrypted messengers such as Signal or Wire can also be used for calls.


Encryption and access control of the smartphone - also for private users - remain important. While securing the device with passcode or fingerprint and encrypted memory is now standard on iPhones, this option often has to be activated manually by users on Android devices. This is due on the one hand to the very different hardware requirements for the devices, and on the other hand to the different sensitizations for the topic of security among the manufacturers themselves.


Even though we have seen hidden cryptomining apps for smartphones over and over again, this will probably not become a trend due to the limited computing power.

Crypto currencies targeted by criminals


An important trend in 2018 was the illegal mining of crypto currencies such as Bitcoin, Monero or Ethereum. The miners were hidden in numerous websites. Criminals also use new web technologies such as Webassembly. For the coming year, Ralf Benzmüller, Executive Speaker of G DATA SecurityLabs, expects further hidden miners. In addition, attacks on crypto currency wallets would increase. "Criminals have many tricks in their book," says Benzmüller. "Malware can exchange target addresses when transferring crypto currencies and thus cause major losses. Very cleverly, only as few characters of the wallet address as possible are exchanged. As a result, the attack is difficult to detect, even when checked by users."


G DATA has extended its BankGuard technology to protect against the copying of access data in crypto currency wallets. This can monitor the processes of wallets and online banking applications and thus protect against hostile takeover by malware. This can also prevent numerous attacks such as the exchange of IBAN or Bitcoin addresses.

Social Media: European elections targeted by hackers?


The European election could also become the target of IT-based attacks. In addition to fake news campaigns, we are likely to have to deal with controversial methods of addressing voters and election advertising again. The discussion about Cambridge Analytica, memories of the elections played out by Facebook and microtargeting by special voter groups via social media have occupied society, but so far have not led to any consequences.