Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Hackers could be launching 'sneak attacks' against your smartphone

Image Description

Cybercriminals discovered new methods and deployed advanced tactics to defraud mobile users during the pandemic, new research suggests.

A report published by security firm McAfee shows that, despite the fact many people were consigned to their homes, fraudsters redoubled efforts to steal data and financial information from mobile devices, such as smartphones and tablets.

In a previous iteration of the Mobile Threat Report, the company announced that hidden applications posed the greatest threat to mobile users, but attackers have now expanded their arsenal with new billing and banking fraud techniques and more.

Many of these attacks use pandemic-related themes to lure victims into clicking malicious links or triggering downloads that provide attackers with both information and, in some cases, control over the infected device.

“We’ve seen how the pandemic not only led to an increased dependence on mobile devices, but how it has prompted bad actors into developing new ways of tricking consumers and stealing their personal data. As well as these advanced forms of malware and deceit, we’ve seen that hackers are also returning to billing scams, but using new tricks,” explained Raj Samani, McAfee Fellow and Chief Scientist.

“As consumers continue to carry out daily activities on-the-go, it is critical that they stay educated and proactive about protecting their personal data.”

Mobile malware

A common strategy among cybercriminals is to piggyback on newsworthy events, to encourage people to engage with fraudulent emails, SMS messages or applications. Since late last year, the vaccine rollout has acted as the perfect hook.

According to McAfee, attackers capitalized on anxiety surrounding Covid-19 to infect mobile devices with malware that generates revenue by serving up display ads and steals banking information, financial credentials and other personal data.

Analysis of malware trends suggests the vast majority (90%) of all pandemic-related threats took the form of trojans, a type of malware disguised as a legitimate application or service. For example, hackers created fake vaccination registration apps that demand access to SMS messages, spreading themselves further via the victim’s contact book.

Worryingly, some fraudulent applications were also distributed via official application stores, such as Google Play. In one particular instance, a series of applications masquerading as creative software were downloaded by 700,000 Android users before the threat was detected and addressed. The campaign saw victims infected with billing fraud malware capable of signing up to premium subscription services without the person’s knowledge or consent.

McAfee also registered a 141% increase in banking trojans between Q3 and Q4 2020, attributed in large part to the release of Cerberus source code, which gave rise to a number of imitation malware strains. This trojan family is known to intercept SMS messages and 2FA codes, as well as stealing financial details using overlays that sit atop banking and shopping applications.

Gazing into its crystal ball, McAfee believes this year will be characterized by “sneak attacks” and malware that abuses misinformation to gain a foothold. These attacks will be underpinned by new techniques developed by threat actors that make identifying malware infections all the more challenging.

To shield against mobile malware attacks, users are advised to download content from official app stores exclusively and to research the developer, to find out what other users have to say. Other strategies include protecting devices with antivirus software, ensuring all applications remain as up to date as possible and exercising caution when applications ask for new access permissions.

Date

28 Jun 2021

Sources


Share


Other Blog

  • One of Europe’s largest media companies just sold its web hosting division

    German giant sells off web hosting arm in deal worth around €50 million.

    Read More
  • Liquidweb's iThemes adds membership management company to portfolio

    iThemes will allow users to expand the membership and course offerings for their sites through Restrict Content Pro acquisition.

    Read More
  • Windows 10 update delivers official fix for latest Blue Screen of Death issue

    If your Windows 10 PC has been crashing when trying to print, this fix is what you need.

    Read More
  • Best back to school sales in the UK: save on laptops, iPads, headphones and more

    The best back to school sales already available in the UK - save big on laptops, headphones, tablets and more.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us