Cybercriminals eye $1.3 Trillion mobile payments
Mobile Payments Predicted To Reach USD 1.3 Trillion Annually by 2017
Web threats attacking the mobile platform are here to stay. With mobile payments predicted to reach USD 1.3 Trillion annually by 2017, we can expect cybercriminals to continue generating even more profits by selling stolen user data.
Cybercriminals favor web threats since they only require an internet connection to facilitate their schemes. This makes web browsing risky, since web threats can infect your computer or network, sometimes even without your intervention. For several years, web threats have plagued internet users, posing several risks such as identity theft, data loss, and financial damage.
Ihab Moawad; “In 2013, IT managers here will have to deal with the highest level of targeted attacks the region has ever witnessed. Today’s attacks are financially motivated, and we are here to help our customers better protect themselves.” — Ihab Moawad, Vice President Trend Micro Middle East, Africa and Mediterranean.
The Dangers of Third-Party App Sites
Cybercriminals have broadened their means of infection by targeting mobile users. The popularity of web browsing via mobile devices creates an opportunity for cybercriminals to expand their target base. Today’s web threats are no longer limited to clicking malicious links on PC’s. Smartphones now face the same kinds of threat previously seen on their PC cousins—all which has occurred in only three years.
The Communication Function of Malicious URL’s
Through the use of malicious URL’s, cyber-criminals are able to infiltrate mobile devices. Trend Micro points out two motivations cyber-criminals have for using them. First, malicious URL’s make launching online attacks easier, and second, they allow cyber-criminals to cover a wide target area comprising internet-ready mobile devices.
Attack scenarios often involve social engineering techniques designed to trick mobile device users into clicking malicious URL’s and downloading malicious Android application package (APK) files. Once these files are in place, the mobile device’s security is compromised.
Malicious URL’s, are disease vectors. This means they are used by cyber-criminals as a way to spread mobile malware. But this is not the sole purpose of malicious URL’s. They can also be used to infiltrate your device and foster outbound communication.
Malicious APK’s Phone Home
Not only do mobile malware like malicious downloaders and backdoors rely on malicious URL’s to infiltrate mobile devices, they also need them to send or request additional information required to perform specific functions. Almost 17 percent of the mobile malware that Trend Micro as found so far, have malicious URL’s embedded in them.
Malicious downloaders use malicious URL’s to download and install additional malicious files and components in your device. They request information and receive malicious packages in return.
Backdoors also take advantage of malicious URL’s in the same way. Once installed in a mobile device, they communicate with remote sites to acquire new scripts, which they can then parse and use.
In January this year, one backdoor used a malicious URL to download a script it needed, to update the one currently running on the infected device. When the said script is integrated into the malware, the malware is able to avoid anti-malware detection. This new ability allows the backdoor to download a new variant of itself from a malicious URL. The same script also contains customized commands a remote attacker can execute. In this particular case, executing these commands causes a notification asking you to download other files to appear.
This example reveals that two-way communication between mobile malware installed in a device and malicious URL’s is possible. Since attackers can now remotely ask you to download more malicious files onto your device, it’s also likely that they can perform more intrusive or damaging tasks.
Another backdoor Trend Micro detected earlier this year allows cyber-criminals to execute commands like sending and deleting messages and making phone calls. These can result in unnecessary charges on mobile phone bills. The backdoor also allows cybercriminals to send user’s contact list and GPS location to malicious domains.
A Lot to Lose
The relationship between mobile malware and malicious URL’s is often overlooked. When they work together, they pose a serious threat to mobile devices as well as information and privacy. Any data users store in their mobile device will be ripe for the picking. Personal details, messages, and the like can be stolen and sold underground by cyber-criminals.
Though it’s advisable to double-check granted app permissions, users can’t always be too sure of this safety practice. Cyber-criminals are getting better at using social engineering. The limitations of mobile devices, for instance, having a small screen, makes it more difficult to determine malicious apps and URL’s from safe ones.
One Bright Spot
The risk of mobile malware infection is greatly decreased though with the use of a security app. Even if traditional mobile security apps help alleviate threats by blocking the download and installation of malicious files, they don’t completely eliminate the risks malicious URLs pose. Since malicious downloaders and backdoors use malicious URLs to function on the device, apps that rely on web reputation technology are recommended.
If the mobile device is already infected by mobile malware before one has the chance to install the appropriate security solution, it still isn’t too late. Security apps that use web reputation technology can still stop communication between the mobile malware and the malicious URL’s it tries to access.