Mobile devices fast becoming security’s weak link

The latest McAfee Labs quarterly Threat Report shows rapid growth in exploitation of mobiles, just as mobiles become the client tool of choice for many business users

  • 11 years ago Posted in

Users will, of course, have got used to the idea of Intel x86-based systems, be they laptops or multi-node servers, being the target for malware attacks, especially in the cloud. Most are more than armed and prepared to repel them. But as the latest report from McAfee Labs makes clear, the big security threat is now starting to come from mobile devices.

And for most businesses these days, the range and capability of security threats now appearing and rapidly becoming widespread should clang alarm bells. With smartphones and tablet systems now becoming the client interface of choice for most users of cloud-delivered services, and Bring Your Own Device (BYOD) regimes becoming part of the typical work environment for many businesses, the McAfee Threats Report: Second Quarter 2013 should be important bedtime reading for most IT managers.

It found, for example, that Android-based malware rebounded in the wild, achieving a 35 percent growth rate not seen since early 2012. Popular targets for the hackers are SMS-stealing banking malware, fraudulent dating and entertainment apps, weaponised legitimate apps, and malicious apps posing as useful tools.

The company also registered twice as many new ransomware samples in Q2 as in Q1, raising the 2013 ransomware count higher than the total found in all previous periods combined.

The second quarter also saw a 16 percent increase in suspicious URLs, a 50 percent increase in digitally-signed malware samples, and notable events in the cyber-attack and espionage areas, including revelations around the Operation Troy network targeting U.S. and South Korean military assets, and multiple attacks on the global Bitcoin infrastructure.

The latter is particularly concerning as the German Finance Ministry has just announced that it is recognising Bitcoin as an official `unit of account’ which leaves transactions open for taxation.

There are common mobile strategies adopted by hackers that McAfee Labs researchers have identified.

In the area of banking malware they identified four significant pieces of mobile malware that capture the traditional usernames and passwords, and then intercept SMS messages containing bank account login credentials. Both parts are required for two-factor authentication.  The hackers then directly access accounts and transfer funds.

Fraudulent dating apps set out todupe users into signing up for paid services that do not exist. The profits from the purchases are later supplemented by the ongoing theft and sale of user information and personal data stored on the devices. The research also revealed the increasing use of legitimate apps altered to act as spyware on users' devices. These collect a large amount of personal user information (contacts, call logs, SMS messages, location) and upload the data to the attacker’s server. Hackers are also using apps posing as helpful tools, such as app installers that actually install spyware that collects and forwards valuable personal data.

Cybercriminals are also staring to exploit some of the approaches used as defence by business, such as creating malware that is signed with legitimate certificates.Another trick is to entice individuals to visit an unknown URL, where the visitor’s system can then be infected for subsequent use. By the end of June the total number of suspect URLs tallied by McAfee Labs reached 74.7 million, which represents a 16 percent increase over the first quarter.

Ransomware, where a company’s is forcibly closed down in some way and only released on payment of a ransom,  is now big business for the hackers. McAfee found 320,000 new samples in the second quarter alone, demonstrating the profitability of the tactic.

The attacks on the Bitcoin Infrastructure are both inevitable, as it grows in importance, and worrying.In addition to disruptive distributed denial of service attacks (DDoS), users have been infected with malware that uses computer resources to mine and steal the virtual currency.

 “The mobile cybercrime landscape is becoming more defined as cybergangs determine which tactics are most effective and profitable,” said Vincent Weafer, senior vice president, McAfee Labs. “As in other mature areas of cybercrime, the profit motive of hacking bank accounts has eclipsed the technical challenges of bypassing digital trust. Tactics such as the dating and entertainment app scams benefit from the lack of attention paid to such schemes; while others simply target the mobile paradigm’s most popular currency: personal user information.”

Talent and training partner, mthree, which supports major global tech, banking, and business...
On average, only 48% of digital initiatives meet or exceed business outcome targets, according to...
GPUaaS provides customers on-demand access to powerful accelerated resources for AI, machine...
TMF Group, a leading provider of critical administrative services for global businesses, turned to...
Strengthening its cloud credentials as part of its mission to champion the broader UK tech sector...
Nearly all UK IT managers surveyed (98%) state cloud investment is an organisational priority for...
LetsGetChecked is a global healthcare solutions company that provides the tools to manage health...
Node4 to the rescue.