
Mobile Menace: McAfee's 2023 Report on the Top Mobile Threats

Mobile security

Mobile Data Security: Insights from McAfee's 2023 Consumer Mobile Threat Report

Mobile devices are an essential part of our lives today. From staying connected with our loved ones to handling our finances and work-related tasks, smartphones have become indispensable. However, this convenience comes with a price. 

As our dependence on mobile devices increases, so do the risks associated with mobile data security. In this blog post, we will explore some insights from McAfee's 2023 Consumer Mobile Threat Report and discuss how we can protect our mobile data.

According to the report, cybercriminals are getting more sophisticated in their approach toward mobile threats. They are using advanced techniques such as ransomware, malware, and phishing attacks to target mobile devices. 

One of the primary reasons behind the rise in mobile malware is the increase in app usage. Malicious apps often masquerade as legitimate ones, making it challenging to identify them. Once they gain access to your device, they can steal your personal information or lock your device, demanding a ransom payment. Another alarming trend highlighted by the report is the rise of phishing attacks. 

Cybercriminals are using social engineering techniques to trick users into providing their login credentials, credit card details, or other sensitive information. They do this by creating fake login pages that look identical to the original ones. Once you enter your details, criminals can use them to gain unauthorized access to your accounts.

McAfee's report suggests the following:

Stay safe from malicious apps

Millions of apps are available on the App Store and Google Play Store, but some of them may contain malware, which can provide hackers access to your device's data once downloaded. 

McAfee's Mobile Threat Report advises that users should be particularly cautious when downloading image editors and photography apps, business and phone utility apps, gaming tips and cheats, and social media tools. 

Users should also be wary of fake ChatGPT apps or those that claim to be powered by GPT-4. Additionally, users should be cautious of apps that charge excessively, which could be a red flag, as ChatGPT, Google's Bard, and Microsoft's Bing are all free to use on the web.

If an app has infected your device with malware, there may be some indicators such as increased mobile data consumption, rapid battery drain, subscriptions that you did not knowingly sign up for, or unfamiliar apps on your home screen. 

The report suggests running a virus scan with a trusted security app, restarting your device, deleting any suspicious software, or performing a factory reset as a last resort if your phone has been infected with malware.

Stay away from scammers

You should be cautious of scammers who may reach out to you through various means such as email, text, or social media direct messages. In the past, scams could be identified by incorrect grammar, spelling, or syntax in their messages. 

The report suggests scammers are now leveraging AI tools like ChatGPT to produce convincing and accurate scams without grammatical errors. This means that users need to conduct more thorough investigations to determine whether they are being scammed.

When trying to identify a scam, it's essential to look for certain indicators. Scammers often try to make you act urgently, contact you from unfamiliar numbers or names, and pressure you to provide personal information. You should remain vigilant and cautious when receiving unexpected messages or requests for information.

Keep a watch over kids

The risk of malware is not limited to work-related apps, such as productivity tools or photo editors. According to McAfee, malicious apps can also be disguised as apps aimed at children. These apps can be promoted on popular social media platforms like Instagram, TikTok, and YouTube and often target children by advertising cheats or gaming mods for games like Minecraft and Roblox. 

As children do not possess the same level of critical thinking skills as adults, it is essential to help your children keep their devices safe.

To safeguard your child's device, McAfee recommends setting clear boundaries on app downloads and ensuring that your child consults with you before downloading any apps so that you can verify their legitimacy. Additionally, you should lock your child's device to prevent them from entering any payment information into malicious apps. 

It's also important to keep track of any in-app purchases your child wishes to make, as these can be for game add-ons, character skins, or upgrades, which can be expensive. As these apps target children, your child may be misled into using your money to make costly purchases.

Android users may face hacker attacks under the guise of applications about coronavirus


Cybercriminals are attacking users of Android mobile devices with malicious applications disguised as legitimate information software about the new COVID-19 coronavirus infection. Once the malicious app is installed, the attacker gains control of the victim's Android device through access to calls, SMS, calendar, files, contacts, microphone, and camera.

Hackers continue to exploit people's fear of spreading the virus: malicious applications were found by experts on sites with domains associated with the coronavirus. Researchers have not yet discovered such applications on the Google Play Store.

Experts report that the apps were created using the Metasploit tool used for penetration testing. This software allows anyone with basic computer knowledge to create malicious applications in just 15 minutes: it’s enough to configure Metasploit for your goal, select the exploit and payload.

Such applications can easily gain control of the device. After launching on a device running the Android operating system, the application hides its icon from the screen so that it is more difficult to detect and remove.

Vasily Diaghilev, head of Check Point Software Technologies representative office in Russia and the CIS, says that in the current situation, the most alarming thing is how quickly and easily malicious applications can be created and reminds us of the need to follow the rules of digital hygiene.

Check Point researchers previously reported that more than 30,103 new coronavirus-related domains were registered in the past few weeks, of which 0.4% (131) were malicious and 9% (2,777) were suspicious. In total, since January 2020, more than 51 thousand domains associated with the coronavirus have been registered.

Check Point: 56 apps from the Google Play Store hide a new dangerous malware


Check Point experts have identified a new family of malware in the Google Play Store. It was installed in 56 Google Play Store apps that have been downloaded almost a million times by users worldwide. Of the 56 affected apps, 24 are children's games, and the rest are utilities such as calculators, translators, cooking apps and others. According to the researchers, the applications emulate the behavior of a real user.

Tekya malware uses Android's MotionEvent mechanism to simulate a click on an ad banner (first discovered in 2019), imitating user actions and generating clicks.

Because the malware imitates the actions of a real person, neither a program nor a third-party observer can tell that fraud is taking place. This helps hackers attack online stores, run fraudulent ads, promote advertising, promote sites in search engine results, and carry out banking operations and other illegal actions.

During the research, Tekya went unnoticed by the VirusTotal and Google Play Protect programs.
Hackers created copies of official popular apps to attract an audience, mostly children, since most apps with Tekya malware are children's games.

However, the good news is that all infected apps have already been removed from Google Play.
This case shows that malicious app features can still be found in Google Play. Users have access to almost 3 million apps in the Google Play Store, and hundreds of new ones are downloaded daily, making it difficult to check the security of each individual app.

Although Google is taking steps to ensure security and prevent malicious activity on the Google Play Store, hackers are finding ways to access users' devices through the app store. So, in February, the Haken family of malware was installed on more than 50 thousand Android devices through various applications that initially seemed safe.

Hike in Banking Malware Attacks; Mobile Malware A Part of Cyber-Crime Too!



Banking malware is on the rise, and the percentage of the wreckage it causes has risen up to 50%.

Banking malware is usually on the lookout for payment data, credentials and, of course, cash.

Development kits for mobile malware code are easily available on underground portals, which is why this issue is relevant.

These kits allow the creators of mobile bankers to fabricate new versions of malware that could be distributed on an enormous scale.

Ramnit (28%), Trickbot (21%) and Ursnif (10%) are apparently the most widely known types of this malware.

Mobile malware is difficult to identify and equally difficult to deal with, as it uses malicious techniques similar to those applied on computers.

The variants of the malware that were recurrently identified by the anti-virus solutions were Android-bound Triada (30%), Lotoor (11%) and Hidad (7%).

Turning the anti-malware off, using transparent icons with empty application labels, delayed execution to bypass sandboxes, and encrypting the malicious payload are a few of the evasion techniques being employed, per sources.