Malware Attacking Smartphones through New and Smarter Ways

Posted: July 3, 2014 in Mobile Security
Tags: , , , ,

mobile threatsClones and compromised legitimate apps are a concern for mobile users

Cybercriminals continue to attack mobile phones through new and devious tactics, using both malicious clones and legitimate apps as bait.

We’ve stepped into the technologically advanced future that we grew up hearing about for quite some time now and so far it has been great. Unfortunately, the cybercriminal lot is determined to spoil the fun for all of us. After haunting computer machines, primarily Windows computers, for over a decade, they seem to have turned much of their attention to smartphones, the Michael Jackson of technology (oh come on, who doesn’t love the moon-walking King of Pop?). Giving a completely new meaning to communications and entertainment, the cell phones of today leave very little to be desired, except for maybe a force-field to deflect all the malware targeting them. As if the situation wasn’t bad enough already, McAfee Labs has revealed in its quarterly threat assessment that cybercriminals are targeting mobile devices in newer and smarter ways than before.

Clone Wars

Before you get all excited, no, this is not about Star Wars. Instead, it’s about the evil twins or clones of the popular apps that we simply can’t seem to get enough of. According to the McAfee Labs report, cybercriminals are increasingly taking advantage of the popularity of our favorite apps by creating their evil clones. While on the front, these apps show the same functionality as the original, they are up to no good behind the scenes. They may possess additional capabilities that may range from extracting personal data from the target phone, making unsolicited calls from it, scooping up contact data or sending, receiving or recording SMS messages to tracking geolocation and even gaining root access to pretty much take over the entire device. McAfee Labs specifically mentioned Flappy Birds, a game that garnered colossal popularity in its short stint before it got withdrawn by its creator. Looking to capitalize on its hungry fan-base, cybercriminals injected hundreds of clones into the market. Upon sampling 300 of these clones, McAfee Labs discovered that 80 percent of them contained malware. If you’ve got a Flappy Bird clone installed on your phone, it might be a good idea for you to take a break from reading this piece and delete that app right away.

Flappy Bird clones

McAfee Labs Report: Attack of the Flappy Bird clones

The Wolf in Sheep’s Clothing

Another unnerving revelation made by McAfee Labs in its quarterly report was that cybercriminals are exploiting security flaws in some of the legitimate apps and services for malicious purposes. The report mentioned the WhatsApp encryption method exploit, which could be used to steal pictures and conversations. While the popular instant messaging app has covered that security hole, security researchers at McAfee Labs have reasons to believe that the worst is far from over. In fact, they discovered programs that could actually steal money. Disguised as either an Adobe Flash Player update or some other utility app, one such program could access the digital wallet on the compromised device and transfer money to the attacker’s account. Worried? Well, you should be.

New mobile malware

New mobile malware: McAfee Labs Report (June 2014)

New mobile malware

New mobile malware: McAfee Labs Report (June 2014)

A Wake up Call

In light of the latest developments, it has become imperative to not just bolster the defenses of the underlying mobile platform, but also focus on making the apps more secure. With malware getting better at disguising itself, carelessly relying on the filtering system that official distribution platforms have in place, irrespective of their reputation, can prove costly, literally. The onus of defeating the new and deceptive threat doesn’t just fall on the likes of Apple, Google and Microsoft, but also falls on app developers.

Malware is unfortunately a problem with no easy or simple solution. Someone can come up with an impeccable security tool today, only to find it become obsolete and ineffective in a few weeks, if not days. Despite such a dire situation, keeping cybercriminals at bay is an impossible task. Let’s just say vigilance and common sense is their Kryptonite.

About the Author
Alyssa reports and writes on almost every technology related topic, contributing to many tech sites, such as Her special focus is on business apps, wireless technology, mobile phone security and social media. Alyssa considers that a perfect design is an outcome of both form and function working in harmony.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s