McAfee threat report highlights mobile attacks, ransomware, malicious sites

Share this article:
McAfee explores what cyber problems are trending in its second-quarter threat report.
McAfee explores what cyber problems are trending in its second-quarter threat report.

Security company McAfee has released its second quarter threat report (PDF).

Aggressive attacks on typically Android-based mobile users appeared most prominent, but other highlights include high-volume spam campaigns, an extensive use of ransomware to extract money from victims and a significant expansion of malicious or infected websites distributing malware.

Adam Wosotowsky, messaging data architect at McAfee and one of the report's authors, told SCMagazine.com this week that attackers have been targeting mobile devices for monetary gain, particularly through the use of deceptive apps.

As users gravitate toward banking via mobile devices, attackers have created official-looking apps – complete with genuine or genuine-looking certificates – that claim to be from banks, but are actually used to siphon credentials and data, and send that information back to the bad guys.

In some cases, Wosotowsky said, miscreants can even redirect incoming calls and messages, offering attackers the chance to bypass two-step authentication in instances when the second step involves a code being sent to the mobile device.

Sneaky programs that dial premium-rate numbers without users knowing and apps that rack up charges despite claiming to be free are nothing new, but continue to be prevalent. Wosotowsky pointed to one adult-themed app in particular that advertised itself as free, but then hit users with big charges for the erotic services it offered.

Wosotowsky said most mobile malware is emanating from third-party websites in Asia and are predominately affecting Japanese, Chinese and Indian consumers.

“These are areas where internet access is coming through smartphones," he said. "They are farther down the road with everything happening on mobile. We get to see these things happening in Asia and prepare ourselves for it."

Ransomware, meanwhile, is an increasingly popular scare tactic that is known to prey on user fear of being investigated by law enforcement for a supposed crime they didn't commit. The crafty scam gained notoriety on Windows computers – it has started making its way to Apple and mobile platforms – for locking up programs or devices, and forcing users to pay a fee to unlock it.

The McAfee report also found that email spam volume has increased since the first quarter of 2013. Wosotowsky said that while the rate is not at an all-time high, “If you're in the crosshairs, you're getting 10 to 15 spams on average per day. It's vicious.”

Finally, suspicious and compromised websites may never cease being a threat. According to the report, this quarter showed “a 16 percent increase in suspicious URLs, bringing the total to nearly 75 million,” which may be “indicative of the success the cyber criminal community is having in their attempts to infect and repurpose legitimate websites.”

How should users defend against these types of threats? The researchers recommend only downloading from reputable sources and investigating the credibility of the download first. Users should also check to make sure applications are only accessing data necessary for functioning.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.