For a long time now, mobile devices have become a necessity and are no longer a novelty. It has become a ‘lifeline’ in times of need and emergencies. It’s a communication tool like no other, keeping us connected at all times via emails or social networking sites.Is it a wonder then that cyber criminals are increasingly targeting mobile users? In 2014, over the course of the year, there was an incredible 75% jump in Android malware (malicious software – see Definition). The reason for the increase is due to new mobile threats like ransomware.
Even though mobile operators have adopted countermeasures to crack down on mobile attackers for premium-rate SMS abuse, the attacker’s strategies have shifted to new scams or threats. Ransomware being one of them. Threats such as ScareMeNot and ScarePackage are two of the top-five most prevalent threats in the US, UK and Germany. ScarePackage is known to disguise itself as an Adobe Flash update or a variety of anti-virus apps. It is distributed as a drive-by-download (see Definition). It will then seem to scan the victims’ mobile phones and locks the device stating that it found some malicious content. In 2014, Lookout found that there were a few mobile threats such as DeathRing and a new variant of Mouabad, which pointed to the compromise of mobile supply chains and the pre-loading of malware of factory-shipped devices. DeathRing poses as a ringtone app and downloads fake SMS content on the victim’s mobile phone. This may be an attempt to capture the victim’s login credentials by impersonating trusted organizations like banks. Lookout also said that a new variant of NotCompatible, that was first discovered in 2012, a sophisticated mobile threat with layers of complex self-defense mechanisms to evade detection and countermeasures, gained considerable traction in the US and Western Europe. One of the most prevalent mobile threats is Adware (see Definition). Nevertheless, in 2014 the prevalence fell as a result of Google’s crackdown on adware and it’s continued policing of Google Play Store, resulting in reducing the number of advertising practices in Android applications. Though, such threats have fallen, new ones like chargeware (see Definition) are on the rise. This seems to be regional in nature, especially in Western Europe. |
The growth of such attacks is frightening. Though it seems like countries in the west are the main targets, never for a moment think that it will not affect users in this part of the world, as we place heavy dependence on mobile phones not just for communication, but as an essential tool to for our business and personal needs.
Source |
1. Infosecurity magazine.2. Lookout Security Threat report.
3. Bar Chart image of Mobile Threats – from Lookout. |
Definition |
1. Malware – includes threats such as viruses, worms, Trojans, spyware and ransomware. In mobile devices, the malware apps steal data, commit financial fraud, and impact device performance.2. Drive-by-download – a program that is automatically downloaded to your computer without your consent or even your knowledge. The program may include a computer virus, spyware, Trojan or worm.
3. Adware – serve adds that interfere with standard mobile operating experiences. Such apps may also collect personal data that is not standard advertising practice. 4. Chargeware – apps that charge users for content or services with clear notification. |