McAfee Labs today released the McAfee Threats Report: Second Quarter 2013, which found that Android-based malware achieved a 35 percent growth rate not seen since early 2012. This rebound was marked by the continued proliferation of SMS-stealing banking malware, fraudulent dating and entertainment apps, weaponized legitimate apps and malicious apps posing as useful tools. McAfee Labs registered twice as many new ransomware samples in Q2 as in Q1, raising the 2013 ransomware count higher than the total found in all previous periods combined.
The second quarter also saw a 16 percent increase in suspicious URLs, a 50 percent increase in digitally-signed malware samples, and notable events in the cyber-attack and espionage areas, including multiple attacks on the global Bitcoin infrastructure and revelations around the Operation Troy network targeting U.S. and South Korean military assets.
McAfee Labs researchers identified a set of common mobile strategies employed by cybercriminals to extract money and confidential information from victims:
- Banking Malware. Many banks implementing two-factor authentication require customers to log into their online accounts using a username, password and a mobile transaction number (mTAN) sent to their mobile device via a text message. McAfee Labs researchers identified four significant pieces of mobile malware that capture the traditional usernames and passwords, and then intercept SMS messages containing bank account login credentials. The malicious parties then directly access accounts and transfer funds.
- Fraudulent Dating Apps. McAfee Labs discovered a surge in dating and entertainment apps that dupe users into signing up for paid services that do not exist. Lonely users attempt to access potential partners’ profiles and other content only to become further frustrated when the scam is recognized. The profits from the purchases are later supplemented by the ongoing theft and sale of user information and personal data stored on the devices.
- Trojanized Apps. Research revealed the increasing use of legitimate apps altered to act as spyware on users' devices. These threats collect a large amount of personal user information (contacts, call logs, SMS messages, location) and upload the data to the attacker’s server.
- Fake Tools. Cyber criminals are also using apps posing as helpful tools, such as app installers that actually install spyware that collects and forwards valuable personal data.
“The mobile cybercrime landscape is becoming more defined as cybergangs determine which tactics are most effective and profitable,” said Vincent Weafer, senior vice president, McAfee Labs. “As in other mature areas of cybercrime, the profit motive of hacking bank accounts has eclipsed the technical challenges of bypassing digital trust. Tactics such as the dating and entertainment app scams benefit from the lack of attention paid to such schemes; while others simply target the mobile paradigm’s most popular currency: personal user information.”