Simply Security - News, Views, and Opinions from Trend Micro

Cybercrime target selection becoming a popularity contest

Posted on October 24th, 2012 in Reports, Underground Economy by Simply Security

Android's continuing popularity has made it a magnet for cybercrime.

Successful cybercriminals always have an acute awareness of the latest technology trends sweeping through consumer circles and professional communities. By studying which devices, websites, searches and transactions are most popular at any given time, they are better positioned to design economical attacks that generate larger returns from smaller investments of their time and skill. As a result, Internet security experts have recognized for some time that the most popular online activities tend to be a magnet for cybercriminal plots as well.

The logic and anecdotal evidence underlying this assumption have been bolstered in recent times by an influx of new empirical confirmations. For example, Microsoft's latest security intelligence report outlined a direct correlation between the license key generator (Keygen) tools commonly used to facilitate free access to software and a rash of malware infections. Now, TrendLabs' 3Q 2012 Security Roundup has added fresh insight to the discussion by outlining the spike in cybercrime that has arisen in direct correlation to user preferences and developer habits.

Sixfold spike in Android malware

Android continues to be the dominant mobile operating system in the American marketplace, supporting 52.6 percent of all U.S. smartphone subscribers according to comScore's latest figures. However, it is no secret that this popularity has come at a price. With cybercriminals inclined to shift their focus in the direction where the majority of users are assembled, Google has spent much of the year answering questions regarding the explosion of malware that has been exploiting weaknesses in its proprietary mobile platform and associated application marketplace.

The news did not get any better in the third quarter, with TrendLabs researchers identifying a sixfold increase in Android malware during that time. The fact that approximately 30,000 malicious and potentially dangerous apps were circulating back in June was already a major point of concern, but as of September that figure has ballooned to nearly 175,000 unique variations.

"It's becoming increasingly clear that the mobile space is the next great frontier for malicious activity," Trend Micro's Erica Benton explained in a related blog post. "And the cybercriminals are clearly favoring Android as their preferred target in this space. After the findings in this quarter's report, it's also clear that mobile devices need active protection just like PCs do."

As the report alluded to, there have been several telling clues that suggest elaborate, PC-based threats are being adapted for mobile platforms. For example, the malicious programmers behind the Luckycat campaign appear to be developing Android application files capable of executing commands sent from remote command-and-control servers to harvest device data.

Aggressive adware

In line with this emphasis on trawling smartphone contents for information that could inform future attacks, cybercriminals are also profiting from their understanding of how legitimate mobile ad campaigns are designed.

One of the most notable commercial benefits of expanded mobility has been the rise of the so-called "app economy." By creating simple, but useful productivity tools and fun games, mobile application developers have proven capable of generating everything from a respectable second income to small fortunes. One increasingly attractive and viable way to achieve these results is to offer programs for free and profit from the inclusion of sponsored ads.

As such strategies have taken off in recent months, cybercriminals have inserted themselves into the equation with more aggressive mobile adware. While legitimate ads will collect a certain amount of personal information from users who supply their consent, hackers are going above and beyond to mine deeper into device data without owner approval.

"Apps that access your call history without informing you via an end-user license agreement (EULA) or their user interface (UI) constitute malicious behavior from a security perspective and are detected. Ad networks present a unique challenge though," the report stated. "Unfortunately, in-app networks provide sometimes gather more information than developers declare. While in some instances this oversight is unintentional, failure to alert users of data-gathering behavior introduces privacy risks."

With developers and ad networks still trying to iron out these discrepancies, cybercriminals are capitalizing on the confusion. According to the report, the fact that just one in five Android device owners uses a dedicated data security application only puts hackers farther ahead.

Social engineering

While mobile devices seem to be the primary backdrop for this "price of popularity" phenomenon, some issues apply across platforms. Most notably, social media continues to serve up a variety of enticing opportunities for savvy cybercriminals.

For example, TrendLabs researchers discovered that LinkedIn was the most popular target of hackers leveraging the Blackhole Exploit Kit. In fact, the professional networking site was used more than twice as frequently as more ostensibly finance-focused entities such as PayPal, Intuit and ADP.

Not surprisingly, researchers also observed a continued rise in Facebook scams that could help cybercriminals gather sensitive personal information and build extensive target profiles. Even Tumblr users have become victims of baiting tactics that leverage fraudulent web apps and malicious banner ads to trick them into supplying the kind of information that could help hackers guess security questions or launch full-scale identity theft.

"Survey scams live on because the payoff – getting tons of personal data from users – is something the bad guys can't pass up on," the report concluded.
