Underestimated threat: Mobile malware

23. January, 2020

Eight out of ten people use smartphones regularly, and the trend is rising. Unfortunately, there is a growing trend in the development and distribution of “mobile malware” as well.

Mobile malware is malicious software specifically designed for mobile devices. Statistics on cybercrime now distinguish between different types of malware: phishing, social engineering, drive-by infection, downloading infected apps or exploiting security holes in mobile platforms are among the typical crimes. Most valuable are often bank and payment data that are either misused themselves or resold. Other variants focus on mobile end devices as simpler gateways to later infect or spy on company networks.

Not without reason the good advice is not to install apps from unofficial or unknown sources. Without independent testing or control, the risk is high. In the official Google or Apple App Stores, applications are subjected to various checks and tests before release. But even these checks are not 100% reliable. Apps with malware repeatedly manage to get into the official stores and sometimes spread widely.

Different strategies to deceive users

In order to deceive users after the automatic security checks, various strategies have been developed. According to an analysis by security researcher Lukas Stefanko from September 2019[1] on identified malware, these variants are most often found in the Google Play Store:

  • Adware

    Unwanted pop-up ads earn the attacker commission.

  • Subscription Scam / Fleeceware

    Apps that without permission charge much too high amounts, also as recurring subscription fees, via the PlayStore.

  • SMS Premium Abo

    Malware that unintentionally takes out a paid SMS subscription.

  • Hidden Apps

    After installation, the app hides itself to avoid uninstallation.

  • Fake App

    Imitated and fake apps that look the same as the original application but contain malware.

In addition to these “Top 5” there are of course other variants. What they all have in common is a significant increase in pests over the last few months – unfortunately despite the increasing countermeasures taken by App Store operators.

Watch out for possible mobile threats

Besides the well-known tips such as regular updates and exclusive use of the official App-Stores, further precautions are highly recommended. Pay attention to which apps you install – especially fake apps look very similar to the originals, but sometimes (sufficient) ratings and downloads are missing. Observe the requested rights of the apps and – just like on the PC – do not open any suspicious emails on your smartphone or tablet. But also SMS and messengers like WhatsApp, Telegram, Snapchat and Co. are misused to send links, malware, spam, phishing or similar.

Additionally, security apps help to protect your data and devices. Also, pay attention to name and logo and a well-known developer! A test virus can help to test the functionality of your security app.

Link:

Mobile Security: Keep the control of your data on the smartphone


[1] https://lukasstefanko.com/2019/10/android-security-monthly-recap-9.html

ebsite-Programming
Icon-lock
Smartphone with Android-Icons on the start screen in front of a world map
Image
Online-Shopping  from the comfort of your house
symbol image Ransomware
Emotet
artificial-intelligence
iPhone 5
Schematic representation of the IKARUS managed.defense service to illustrate the interaction between companies and products.
Image
IKARUS anti.virus Version 3.1
CSM Screenshot VirusTotal
Fileless
Image

We are looking forward to hearing from you!

IKARUS Security Software GmbH
Blechturmgasse 11
1050 Vienna

Phone: +43 (0) 1 58995-0
Fax: +43 (0) 1 58995-100
Sales Hotline: +43 (0) 1 58995-500

SUPPORT HOTLINE

Support hotline:
+43 (0) 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm

Remote maintenance software:
TeamViewer Download
AnyDesk Download