Malware on mobile devices is the last headache for the industry. Due to the proportion of cell phones connected to the internet, it is today the main source of virus transmission.
To graph further how these dangerous guests have evolved and what vulnerabilities they are taking advantage of this 2020, McAfee launched its Mobile Threat Report 2020.
The report indicates that the malware that is coming through hackers uses hidden mobile applications, third-party login and videos of counterfeit games to attract users.
The executive vice president of the McAfee Consumer Business Group, Terry Hicks, commented that “consumers are more connected than ever, and by looking at the current security landscape, as well as future risks, we want to make sure that we are doing everything possible to help consumers protect what matters most to them: their personal data, as well as their family and friends. Mobile threats are playing hide and seek, and we will continue to empower consumers to safeguard their most valuable assets and data. ”
How malware is infecting you
- Hackers use the popularity of games to fool consumers: “They distribute their malicious applications through links in popular chat applications for players and cheat with videos by creating their own content that includes links to fake applications. These applications disguise themselves as genuine cones that closely mimic those of real applications, but serve unwanted advertisements and collect user data. McAfee researchers found that popular applications like FaceApp, Spotify and Call of Duty have fake versions, which try to take advantage of unsuspecting consumers, especially younger users. ”
- The new mobile malware uses third-party login to fool application classification systems: “There is a mobile malware called LeifAccess, also known as Shopper. This malware takes advantage of the accessibility features in Android to create accounts, download applications and publish reviews using names and emails configured on the victim's device. McAfee researchers noted that LeifAccess-based applications are distributed through social networks, gaming platforms, malicious advertising and chat applications for players. False warnings are used for the user to activate accessibility services, which allows a wide range of malware capabilities. ”
- Unique approach to steal confidential data through a legitimate traffic application: “A number of South Korean traffic applications were committed to a fake library and add-on, which could filter confidential files called MalBus. The attack was hidden in a South Korean legitimate traffic application by hacking the developer’s original Google Play account. The series provides a variety of information for each region of South Korea, such as bus stop locations, route maps and schedules for more than five years. MalBus represents a different method of attack since hackers sought the account of a legitimate developer of a popular application with a strong reputation. ”