Security Experts:

Mobile Malware Leveraging Trusted App and Service Vulnerabilities: McAfee

Cybercriminals are increasingly abusing flaws in trusted mobile apps and services in an effort to distribute malware, McAfee Labs revealed in a threat report published on Tuesday.

McAfee's report provides three examples of malicious applications exploiting features and vulnerabilities in legitimate apps and services. The first example details how an app offered on Google Play automatically downloaded, installed, and launched other apps without a user’s permission. The application in question, detected as Android/BadInst.A, helped the attackers make a profit through a pay-to-download scheme, but it could have been used just as easily to download malware.

A different threat, a Trojan detected as Android/Waller.A, was found exploiting a security hole in the Visa QIWI Wallet digital wallet service to steal money from victims. The final example provided by McAfee is a piece of malware (Android/Balloonpopper.A) designed to exploit an encryption weakness in WhatsApp to intercept users' conversations and photos.

Cybercriminals are also leveraging the popularity of various mobile applications to achieve their goals. McAfee analyzed 300 clones of the Flappy Bird game and found that close to 80% of them contained malware. The rogue apps have been designed to make calls, track geolocation, harvest contact information, and send and receive SMS messages without the user's permission.                                                             

According to McAfee, the total number of mobile malware samples increased by 167% between Q1 2013 and Q1 2014. In the first quarter of 2014, over 750,000 new unique samples were detected by the company.

“We tend to trust the names we know on the internet and risk compromising our safety if it means gaining what we most desire,” noted Vincent Weafer, senior vice president for McAfee Labs.

“The year 2014 has already given us ample evidence that mobile malware developers are playing on these inclinations, to manipulate the familiar, legitimate features in the mobile apps and services we recognize and trust. Developers must become more vigilant with the controls they build into these apps, and users must be more mindful of what permissions they grant.”

The complete McAfee Labs Threats Report: June 2014 is available online.

view counter
Eduard Kovacs is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.