Leading online security vendor, McAfee Labs today released the results of its Mobile Security: McAfee Consumer Trends Report, documenting sophisticated and complex risky apps containing multi-faceted scams, black market crimes, drive-by downloads and near-field communication threats.
The report identifies a new wave of techniques hackers use to steal digital identities, commit financial fraud, and invade users’ privacy on mobile devices.
Key Findings:
- Unlike the email- and website-based infections typical of PCs, mobile malware is distributed primarily through infected apps today
- 3 percent of malware-infected apps in the overall mobile app zoo came from the Google Play store
- Within the fairly conservative McAfee user community, 75 percent of malware-infected apps were downloaded from Google Play
- Crooked app stores use black hat search engine optimization (SEO)
- Based on the experience of McAfee users, typical consumers have at least a 1 in 6 chance of downloading apps that include malware or suspicious URLs
- Almost 1/4 of the risky apps that contain malware also contain suspicious URLs
- 40 percent of malware families misbehave in more than one way, showing the sophistication and determination of the criminals
- 23 percent of mobile spyware joins a botnet or opens a backdoor, increasing the risk of data loss or device abuse
In the report, McAfee Labs identifies the following threats as the most severe existing and new trends consumers will encounter in 2013:
Risky Apps: Cybercriminals are going to great lengths to insert infected apps into trusted sources such as Google Play and the risks within each app are becoming more intricate. As a matter of fact, McAfee Labs found that 75 percent of the malware-infected apps downloaded by McAfee Mobile Security users, who are apt to be more security conscious than the average consumer, were housed in the Google Play store, and that the average consumer has a one in six chance of downloading a risky app. Nearly 25 percent of the risky apps that contain malware also contain suspicious URLs, and 40 percent of malware families misbehave in more than one way.
A risky app may allow someone to:
- Steal personal information such as banking, email or wireless account details and combine that with location data to put together a complete picture of who you are
- Perpetuate fraud such as an SMS scam that will charge you without your approval
- Abuse a device by making it part of a criminal bot network, which allows someone to remotely control your phone
Black Market Activity: Botnet clients, downloaders, and rootkits are generic, useful software sold on black markets as part of software toolkits. Criminals use these to commit premium SMS and click fraud, spam distribution, data theft, or bank fraud – and the complexity of these criminal activities is growing. Commercial criminals are now reusing and recombining these components to devise new, profitable schemes.
Drive-by Downloads: The first mobile drive-by downloads were seen in 2012 and McAfee expect these to increase in 2013. On a mobile device, a drive-by download fools a user into downloading an app without knowing it. Once a user opens the app, criminals have access to the device.
Near Field Communication: In 2013, McAfee expect to see criminals abuse the tap-and-pay near field communications (NFC) technology used in mobile payment programs, or “digital wallets.” This scam uses worms that propagate through proximity, a process call “bump and infect.” The distribution path can quickly spread malware through a group of people such as in a passenger-loaded train or at an amusement park. When the newly infected device is used to “tap and pay” for the next purchase, the scammer collects the details of the wallet account and secretly reuses these credentials to steal from the wallet. Worm malware like this will spread by exploiting vulnerabilities on devices. This development would monetize the 11.8 percent of malware families that already contain exploit behaviors.
As the mobile space evolves, criminals will look at ways to generate revenue from features only mobile devices have. During 2012, about 16 percent of malware families detected by McAfee attempted to get devices to subscribe to premium SMS messages. In 2013, McAfee foresee an increase in threats that will have users finding out they bought premium apps only when they check their bills.
For a full copy of the report from McAfee Labs, with additional threats, hit the link below.
[Download]– Mobile Security: McAfee Consumer Trends Report
