September 14, 2017 by Canadian Underwriter
Digital security company Avast has reported an uptick in attacks targetting Android smartphones and tablets year-over-year in the second quarter of 2017 of nearly 40%.
“Mobile cybersecurity attacks are growing rapidly as hackers’ strategies become more agile and dangerous, and what’s at stake is mostly the user’s personal data and privacy,” said Gagan Singh, senior vice president and general manager of mobile and Internet of Things at Avast. “Users carry their most valuable data around with their smartphones. We constantly update our mobile security solutions to address new threats by leveraging powerful AI and machine learning technologies in combination with the world’s largest threat detection network to make it easy for consumers to stay secure online.”
Research from Avast found that the increase in mobile cyberattacks of 40% for the three months ending June 30 represented an average of 1.2 million to 1.7 million attacks per month. Researchers tracked an average of 788 variations of viruses per month, up 22.2% from Q2 2016, Avast said in a press release earlier this week. The findings also showed that the top three mobile threats are designed to spy and steal personal information (referred to as ‘rooters’), and to spam users with ads, even outside of the company’s app (referred to as ‘downloaders/droppers’ and ‘fake apps’).
For Q2, rooters accounted for 22.80% of mobile threats, followed closely by downloaders (22.76%). Fake apps accounted for 6.97% of mobile threats.
Last month, cybersecurity company Kaspersky Lab reported that they had discovered a new modification of the well-known mobile banking Trojan Faketoken, “which is now available to steal credentials from taxi and ridesharing app users.” Kapersky said in a statement on Aug. 17 that cybercriminals are targeting the “most popular international taxi and ridesharing services with this malware.”
The new version of Faketoken performs live tracking of apps and when a user runs a specified app, the Trojan overlays it with a phishing window to steal the victim’s bank card details. The Trojan also steals all incoming SMS messages by redirecting them to its command and control servers, allowing criminals access to one-time verification passwords sent by a bank, or other messages sent by taxi and ridesharing services. This Faketoken modification can also monitor users’ calls, record them and transmit the data to the command and control servers, Kaspersky added.