Latest news
The sophistication of risky apps, mobile misbehavior and spyware
Posted on 19 February 2013.
McAfee released the results of a new report, documenting sophisticated and complex risky apps containing multi-faceted scams, black market crimes, drive-by downloads and near-field communication threats. They identified a new wave of techniques hackers use to steal digital identities, commit financial fraud, and invade users’ privacy on mobile devices.
Mobile platforms have become increasingly attractive to cybercriminals as consumers live more of their digital lives on smartphones and tablets. According to IDC, mobile devices are surpassing PCs as the preferred way to access the Internet and the number of people using PCs to go online will shrink by 15 million over the next four years, while the number of mobile users will increase by 91 million.
With the mobile space becoming a more enticing platform for online mischief, the complexity and volume of threats targeting consumers will continue to increase. Using its extensive global threat intelligence network (GTI), McAfee Labs analysed mobile security data from the last three quarters.
“Despite elevated consumer awareness of threats on mobile platforms, there is still a significant knowledge gap surrounding how and when devices become infected and the level of potential damage,” said Luis Blando, vice president of mobile product development at McAfee. “Cybercriminals are exhibiting greater levels of determination and sophistication leading to more destructive, multi-faceted hacks that are harder to spot, and thus warrant a greater degree of security and vigilance. Our goal in releasing this report is to help consumers understand the risks they face and learn ways they can stay safe and compute with confidence on all of their devices.”
Risky apps: Cybercriminals are going to great lengths to insert infected apps into trusted sources such as Google Play and the risks within each app are becoming more intricate. As a matter of fact, McAfee Labs found that 75 percent of the malware-infected apps downloaded by McAfee Mobile Security users, who are apt to be more security conscious than the average consumer, were housed in the Google Play store, and that the average consumer has a one in six chance of downloading a risky app. Nearly 25 percent of the risky apps that contain malware also contain suspicious URLs, and 40 percent of malware families misbehave in more than one way.
A risky app may allow someone to:
Drive-by downloads: The first mobile drive-by downloads were seen in 2012 and we expect these to increase in 2013. On a mobile device, a drive-by download fools a user into downloading an app without knowing it. Once a user opens the app, criminals have access to the device.
Near Field Communication: In 2013, we expect to see criminals abuse the tap-and-pay near field communications (NFC) technology used in mobile payment programs, or “digital wallets.” This scam uses worms that propagate through proximity, a process we can call “bump and infect.” The distribution path can quickly spread malware through a group of people such as in a passenger-loaded train or at an amusement park. When the newly infected device is used to “tap and pay” for the next purchase, the scammer collects the details of the wallet account and secretly reuses these credentials to steal from the wallet. Worm malware like this will spread by exploiting vulnerabilities on devices. This development would monetise the 11.8 percent of malware families that already contain exploit behaviors.
As the mobile space evolves, criminals will look at ways to generate revenue from features only mobile devices have. During 2012, about 16 percent of malware families detected by McAfee attempted to get devices to subscribe to premium SMS messages. In 2013, we foresee an increase in threats that will have users finding out they bought premium apps only when they check their bills.
The complete report is available here.
Mobile platforms have become increasingly attractive to cybercriminals as consumers live more of their digital lives on smartphones and tablets. According to IDC, mobile devices are surpassing PCs as the preferred way to access the Internet and the number of people using PCs to go online will shrink by 15 million over the next four years, while the number of mobile users will increase by 91 million.
With the mobile space becoming a more enticing platform for online mischief, the complexity and volume of threats targeting consumers will continue to increase. Using its extensive global threat intelligence network (GTI), McAfee Labs analysed mobile security data from the last three quarters.
“Despite elevated consumer awareness of threats on mobile platforms, there is still a significant knowledge gap surrounding how and when devices become infected and the level of potential damage,” said Luis Blando, vice president of mobile product development at McAfee. “Cybercriminals are exhibiting greater levels of determination and sophistication leading to more destructive, multi-faceted hacks that are harder to spot, and thus warrant a greater degree of security and vigilance. Our goal in releasing this report is to help consumers understand the risks they face and learn ways they can stay safe and compute with confidence on all of their devices.”
Risky apps: Cybercriminals are going to great lengths to insert infected apps into trusted sources such as Google Play and the risks within each app are becoming more intricate. As a matter of fact, McAfee Labs found that 75 percent of the malware-infected apps downloaded by McAfee Mobile Security users, who are apt to be more security conscious than the average consumer, were housed in the Google Play store, and that the average consumer has a one in six chance of downloading a risky app. Nearly 25 percent of the risky apps that contain malware also contain suspicious URLs, and 40 percent of malware families misbehave in more than one way.
A risky app may allow someone to:
- Steal personal information such as banking, email or wireless account details and combine that with location data to put together a complete picture of who you are
- Perpetuate fraud such as an SMS scam that will charge you without your approval
- Abuse a device by making it part of a criminal bot network, which allows someone to remotely control your phone.
Drive-by downloads: The first mobile drive-by downloads were seen in 2012 and we expect these to increase in 2013. On a mobile device, a drive-by download fools a user into downloading an app without knowing it. Once a user opens the app, criminals have access to the device.
Near Field Communication: In 2013, we expect to see criminals abuse the tap-and-pay near field communications (NFC) technology used in mobile payment programs, or “digital wallets.” This scam uses worms that propagate through proximity, a process we can call “bump and infect.” The distribution path can quickly spread malware through a group of people such as in a passenger-loaded train or at an amusement park. When the newly infected device is used to “tap and pay” for the next purchase, the scammer collects the details of the wallet account and secretly reuses these credentials to steal from the wallet. Worm malware like this will spread by exploiting vulnerabilities on devices. This development would monetise the 11.8 percent of malware families that already contain exploit behaviors.
As the mobile space evolves, criminals will look at ways to generate revenue from features only mobile devices have. During 2012, about 16 percent of malware families detected by McAfee attempted to get devices to subscribe to premium SMS messages. In 2013, we foresee an increase in threats that will have users finding out they bought premium apps only when they check their bills.
The complete report is available here.
Spotlight
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
