Wednesday, August 2, 2017

Beware, smartphones can now bring hackers into your hands

Hackers use malware attack as an opportunity to demand payment in exchange for information. File photo | nmg Hackers use malware attack as an opportunity to demand payment in exchange for information. File photo | nmg 
This week, US cable channel HBO was hacked. To many Kenyans, this is a far off incident as it will not disrupt their lives in any way. However, news of smartphones hacking would certainly cause many to pay attention. This is because smartphones are always in our hands, and we basically use them for work, communication and even play.
Internet security company Eset East Africa has issued an alert to mobile phone users running on the Android platforms to be wary of alternative app stores’ potential to spread malware such as screen locking malware.
Once infected, the hackers use these as an opportunity to demand for payment in exchange for information.
“Just like SMS trojans, ransomware threats have evolved over the past few years with hackers adopting techniques that have proven effective in regular desktop malware to develop lock-screen types and file-encrypting ransomware. These have been causing major financial and data losses for years and which have now made their way to the Android platform,” said Teddy Njoroge, Kenya Country Manager for ESET.
CopyCat, a malicious software campaign infected millions of Android devices last month, said Check Point Software Technologies. The malware had infected 14 million android devices earning the hackers behind the campaign approximately $1.5 million (Sh155.85 million) in fake ad revenues in two months.
“CopyCat is a fully developed malware with vast capabilities, including rooting devices, establishing persistency, and injecting code into Zygote – a daemon responsible for launching apps in the Android operating system – that allows the malware to control any activity on the device,” said Check Point.
According to researchers, the CopyCat campaign peaked between April and May 2016 and believe the campaign spread via popular apps, repackaged with the malware and downloaded from third party app stores, as well as phishing scams. There was no evidence that CopyCat was distributed on Google Play, Google’s official app store.
“Fraudulent ads were on display on 3.8 million of the infected devices (26 per cent), while 4.4 million, or 30 per cent, of the infected devices were used to steal credit for installing apps on Google Play,” said Check Point.
In March 2017, Check Point informed Google about the CopyCat campaign and how the malware operated. According to Google, they were able to quell the campaign, and the current number of infected devices is far lower than it was at the time of the campaign’s peak.
Eset’s alert came after the firm discovered that www.CepKutusu.com, a Turkish alternative Android app store was spreading malware under the guise of all the offered Android apps on the site.
When users browsed the Turkish alternative app store CepKutusu.com and proceeded to download an app, the “Download now” button led to banking malware detected as Android/Spy.Banker.IE instead of the desired app.
“This is the first time I’ve seen an entire Android market infected like that. Within the Windows ecosystem and in browsers, this technique is known to have been used for some time but in the Android ecosystem, it’s really a new attack vector,” said ESetAndroid malware researcher, Lukas Stefanko.
Although CepKutusu.com focused in Turkey and parts of Europe, the incident points to the growing appetite for mobile malware by hackers using masking tactics to hoodwink users. This could soon become the biggest cybersecurity problem yet.
Adware, a form of malware, poses risks to business and users including theft of sensitive information, device rooting or jail breaking, evolving attack objectives and code sharing with the hacking community.
To protect yourself, Njoroge advises that you should always download apps from official app stores and practice caution when downloading any content from the internet. Pay attention to anything suspicious in file name, size and extension. Lastly is to use a reliable mobile security solution to protect you from the latest threats.

No comments :

Post a Comment