Cybercriminals are increasingly abusing flaws in trusted mobile apps and services in an effort to distribute malware, McAfee Labs revealed in a threat report published on Tuesday.
McAfee’s report provides three examples of malicious applications exploiting features and vulnerabilities in legitimate apps and services. The first example details how an app offered on Google Play automatically downloaded, installed, and launched other apps without a user’s permission. The application in question, detected as Android/BadInst.A, helped the attackers make a profit through a pay-to-download scheme, but it could have been used just as easily to download malware.
A different threat, a Trojan detected as Android/Waller.A, was found exploiting a security hole in the Visa QIWI Wallet digital wallet service to steal money from victims. The final example provided by McAfee is a piece of malware (Android/Balloonpopper.A) designed to exploit an encryption weakness in WhatsApp to intercept users’ conversations and photos.
Cybercriminals are also leveraging the popularity of various mobile applications to achieve their goals. McAfee analyzed 300 clones of the Flappy Bird game and found that close to 80% of them contained malware. The rogue apps have been designed to make calls, track geolocation, harvest contact information, and send and receive SMS messages without the user’s permission.
According to McAfee, the total number of mobile malware samples increased by 167% between Q1 2013 and Q1 2014. In the first quarter of 2014, over 750,000 new unique samples were detected by the company.
“We tend to trust the names we know on the internet and risk compromising our safety if it means gaining what we most desire,” noted Vincent Weafer, senior vice president for McAfee Labs.
“The year 2014 has already given us ample evidence that mobile malware developers are playing on these inclinations, to manipulate the familiar, legitimate features in the mobile apps and services we recognize and trust. Developers must become more vigilant with the controls they build into these apps, and users must be more mindful of what permissions they grant.”
The complete McAfee Labs Threats Report: June 2014 is available online.
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
- New York Man Arrested for Running BreachForums Cybercrime Website
- Exploitation of Recent Fortinet Zero-Day Linked to Chinese Cyberspies
- Mozilla Patches High-Severity Vulnerabilities With Release of Firefox 111
- Microsoft: 17 European Nations Targeted by Russia in 2023 as Espionage Ramping Up
- Cybercriminals, APT Exploited Telerik Vulnerability in Attacks on US Government Agency
- US Charges Two Men Over Use of Hacked Law Enforcement Database for Doxing
Latest News
- Ferrari Says Ransomware Attack Exposed Customer Data
- Aembit Scores $16.6M Seed Funding for Workload IAM Technology
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- New York Man Arrested for Running BreachForums Cybercrime Website
