McAfee Mobile Threat Report: Beware, Malware is Everywhere in 2019

McAfee set out three primary themes in its newly released Mobile Threat Report, Q1, 2019, which the security provider unwrapped at Mobile World Congress (MWC), 2019:

  • Mobile malware is everywhere.
  • Compromised phones are a data-stealing delight for threat actors.
  • Cyber criminals are in the money-stealing business, and business is booming. Many apps are spying on mobile users without them knowing, let alone consenting.

Fake mobile apps are the real scene stealer: McAfee researchers identified 65,000 of them, up more than six-fold from the 10,000 detected only six months earlier. Fake apps can be used to deliver ads but also to install hidden apps or malware. They can also be a foot in the door for nation-states looking for national or corporate secrets or for adversaries trying to disrupt elections.

“The mobile platform is an increasing target for nation states to observe key individuals,” McAfee said in the report. “Threat actors against mobile platforms are broader groups than those simply looking to boost ad revenues... We have to consider the richness of data available to threat actors from a compromised phone.”

Overall, the report also covers backdoors, malicious cryptomining and banking trojans, all of which increased substantially in 2018. The security specialist sees danger ahead, particularly with Internet of Things (IoT) devices. Cyber crooks are looking for ways to use trusted devices to gain control of IoT devices by cracking passwords and attacking other vulnerabilities.

One particularly enticing target is the 25 million voice assistants in use worldwide, typically connected to smart home devices used to control lights, thermostats, door locks and other similar gadgets. The more connectivity in the home, the better for attackers, McAfee said.

“Most IoT devices are being compromised by exploiting rudimentary vulnerabilities, such as easily guessable passwords and insecure default settings,” said Raj Samani, McAfee fellow and chief scientist at McAfee. “From building botnets, to stealing banking credentials, perpetrating click fraud, or threatening reputation damage unless a ransom is paid, money is the ultimate goal for criminals.”

Here are four additional trends McAfee points out in the report:

  • The mobile app Fortnite, with its 200 million players and 60 million downloads, is fertile ground for fake apps disguised as versions of the game.
  • In 2018, TimpDoor, while not new, became the leading mobile backdoor family by more than double and is a solid example of how tried-and-true phishing over SMS is still popular among cyber criminals for deceiving users into installing malware.
  • Banking trojans on mobile devices have continued to rise, homing in particularly on account holders of both large and regional banks.
  • Cyber criminals are looking for ways to add value to their digital wallets without the cost of doing their own mining. The latest cryptomining technique can jump from phone or tablet to smart TV to infect an entire environment.
  • Spyware attacks are spiking on mobile, an attractive target for nation-state threat actors seeking to gain intelligence and track victims.

As with any increasingly dangerous attack landscape, user vigilance is the best defense, McAfee said. “App stores are getting better at finding and deleting malicious apps, so cybercriminals bypass the stores and go directly to consumers,” the report reads. “As the mobile platform remains a key target for ransomware developers, identity thieves and nation states, it is imperative to maintain diligence when considering which apps to install or following any link.”

Here’s what McAfee recommends consumers do to protect themselves from hackers:

  • Do not install apps from unknown sources. If you receive a text with a link for you to download something, do your homework. Research the app developer, download statistics, and app reviews. Be on the lookout for typos and grammatical errors in the description. This is usually a sign that the app is fake.
  • Click with caution. Only click on links in text messages that are from trusted sources. If you receive a text message from an unknown sender, stay cautious and avoid interacting with the message.
  • Go directly to the source. Comment sections are prone to links for fake websites and apps so criminals can make money off of downloads. Only download software straight from a company’s home page.
  • Use mobile security software.
  • Stay aware. New mobile threats are emerging all the time. Keep up on the latest scams and warning signs, so you know what to look out for.

Also at MWC, McAfee said it has extended its partnership with Samsung by pre-installing its VirusScan software on the impending Galaxy S10 phone. It will also support the Samsung Secure Wi-Fi service, for which McAfee provided backend infrastructure to protect consumers against risky Wi-Fi. And McAfee struck a deal with Türk Telekom, a Turkish carrier, to provide a security solution, powered by McAfee’s Safe Family platform, to help parents protect their family’s digital lives.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.