Mobile Malware: A thing of the present?

With ‘ransomware’ being a household name, it’s a wonder people are not more careful. Security researchers have been urging end users to secure themselves for years, and only now, after several worldwide outbreaks, are people starting to see its destructive capabilities.

After the ‘Shadow Brokers’ leaked top-secret cyber weapons made by the NSA to the underground hacking market, we have seen these tools adapted to wreak havoc on the world population, the prime example being WannaCry (aka WannaCrypt). The thing is, this happens far more often than you would think. Millions of devices using the same operating system/firmware make these devices massive targets for cybercriminals.

Windows has long been the target of these attacks and most malware on the market is aimed at this operating system. This is due to how many computers are running the operating system. It makes sense to infect as many systems as possible. Go hard or go home, right?

But what people seem to forget is that the devices in their pockets are just as much computers as the ones sitting under their desks. It’s safe to argue people have more trust in their smartphones, as there has been little media coverage regarding mobile phone malware.

An attack vector some may not expect is one of the biggest online stores for apps and games: the Google Play Store. Yes, it’s true! Malware developers have managed to put malicious apps on the Play Store which have been downloaded between 10,000 and 1,000,000 times. A good example is a game recently removed from the Play Store called “ColourBlock”. This app seemed innocent on the surface but was in fact a sophisticated piece of malware with rootkit capabilities. This in turn means your phone is under the full control of a hacker and you would be none the wiser. Bank details, confidential documents, photos and other personal information you potentially don’t want floating around on the internet could be exfiltrated.

It’s possible that one of these rootkits could lock a device and encrypt the data (like common ransomware). It’s also possible that it could flash a custom recovery image and lock the device to the point that it doesn’t even load Android. Theoretically, an attacker could brick the device and render it useless if the ransom is not paid. That’s a lot scarier than just losing your data… you would lose full functionality of the device.

It’s extremely important to be vigilant when it comes to computers and the internet. Some things that look 100% genuine may actually be malicious.

  • Always look at the reviews, the download count and the permissions an app or game can use.
  • Always keep your device updated with the most recent firmware and security patches.
  • Always have a reputable antivirus running on your phone and keep it up to date.

We have seen what ransomware has done in the very recent past. It’s fair to assume the next big target will be mobile in nature. I know from working in Parnell there are a large number of people who run their business from their phone and I can’t imagine they would be too happy if they couldn’t use them at all.