This week, US cable channel HBO was
hacked. To many Kenyans, this is a far off incident as it will not
disrupt their lives in any way. However, news of smartphones hacking
would certainly cause many to pay attention. This is because
smartphones are always in our hands, and we basically use them for
work, communication and even play.
Internet security
company Eset East Africa has issued an alert to mobile phone users
running on the Android platforms to be wary of alternative app stores’
potential to spread malware such as screen locking malware.
Once infected, the hackers use these as an opportunity to demand for payment in exchange for information.
“Just
like SMS trojans, ransomware threats have evolved over the past few
years with hackers adopting techniques that have proven effective in
regular desktop malware to develop lock-screen types and file-encrypting
ransomware. These have been causing major financial and data losses for
years and which have now made their way to the Android platform,” said
Teddy Njoroge, Kenya Country Manager for ESET.
CopyCat,
a malicious software campaign infected millions of Android devices last
month, said Check Point Software Technologies. The malware had infected
14 million android devices earning the hackers behind the campaign
approximately $1.5 million (Sh155.85 million) in fake ad revenues in two
months.
“CopyCat
is a fully developed malware with vast capabilities, including rooting
devices, establishing persistency, and injecting code into Zygote – a
daemon responsible for launching apps in the Android operating system –
that allows the malware to control any activity on the device,” said
Check Point.
According to researchers, the CopyCat campaign peaked
between April and May 2016 and believe the campaign spread via popular
apps, repackaged with the malware and downloaded from third party app
stores, as well as phishing scams. There was no evidence that CopyCat
was distributed on Google Play, Google’s official app store.
“Fraudulent
ads were on display on 3.8 million of the infected devices (26 per
cent), while 4.4 million, or 30 per cent, of the infected devices were
used to steal credit for installing apps on Google Play,” said Check
Point.
In March 2017, Check Point informed Google about
the CopyCat campaign and how the malware operated. According to Google,
they were able to quell the campaign, and the current number of
infected devices is far lower than it was at the time of the campaign’s
peak.
Eset’s
alert came after the firm discovered that www.CepKutusu.com, a Turkish
alternative Android app store was spreading malware under the guise of
all the offered Android apps on the site.
When users
browsed the Turkish alternative app store CepKutusu.com and proceeded to
download an app, the “Download now” button led to banking malware
detected as Android/Spy.Banker.IE instead of the desired app.
“This
is the first time I’ve seen an entire Android market infected like
that. Within the Windows ecosystem and in browsers, this technique is
known to have been used for some time but in the Android ecosystem, it’s
really a new attack vector,” said ESetAndroid malware researcher, Lukas
Stefanko.
Although CepKutusu.com focused in Turkey and
parts of Europe, the incident points to the growing appetite for mobile
malware by hackers using masking tactics to hoodwink users. This could
soon become the biggest cybersecurity problem yet.
Adware,
a form of malware, poses risks to business and users including theft of
sensitive information, device rooting or jail breaking, evolving attack
objectives and code sharing with the hacking community.
To
protect yourself, Njoroge advises that you should always download apps
from official app stores and practice caution when downloading any
content from the internet. Pay attention to anything suspicious in file
name, size and extension. Lastly is to use a reliable mobile security
solution to protect you from the latest threats.
No comments :
Post a Comment