2021 is shaping up to be a year of malware misinformation and sneak attacks, with hackers are using fake apps, Trojans and fraudulent messages to target consumers, according to McAfee’s latest Mobile Threat Report.
With most of the world still anxious about COVID-19 and demand for vaccines soaring, the research shows most fake apps targeting vaccine registration programs in India, apart from billing fraud malware that makes purchases behind the backs of consumers and hackers using banking Trojans to target hundreds of financial institutions around the world.
According to the McAfee COVID-19 Dashboard, more than 90% of all pandemic-related malware took the form of Trojans this year. The researchers found evidence of an SMS worm targeting Indian consumers, forming one of the earliest vaccine fraud campaigns. Both SMS and WhatsApp messages encouraged users to download a vaccine app and once downloaded, malware sent itself to everyone in the user’s contact list via SMS or WhatsApp.
Last year, McAfee revealed that hidden apps were the most active mobile threat facing consumers. But following a year of lockdowns and a surge in time spent online and on devices, fraudsters are capitalizing on this with more approaches. The malware behind this is the same family that was involved in India’s ban on the Tik-Tok app last July.
Researchers also uncovered new information on mobile malware dubbed Etinu. Targeting users in Southwest Asia and the Middle East predominately, Etinu was found being distributed via Google Play, with more than 700K downloads before being detected and removed. Once an app harboring this malware is installed via the Google Play Store, the malware steals incoming SMS messages using a Notification Listener function. It can then make purchases and sign up for premium services and subscriptions that get charged to the user’s account.
“As people increasingly spend more time online owing to the pandemic and staying connected on their mobile devices, hackers are cashing in to target unsuspecting consumers. With the dramatic increase in threats and cyber criminals exploiting mobile devices, our ongoing effort is to ensure that we protect what is of paramount importance to consumers – their personal data.” said Venkat Krishnapur, vice-president of engineering and managing director, McAfee Enterprise, India.
“As fraudsters continue to experiment with newer methods and advanced techniques to bypass security screening, we aim to assist consumers by guiding them to remain vigilant and raise awareness on the importance of safeguarding their data and personal devices.”
Hackers are using banking Trojans to target hundreds of financial institutions around the world. McAfee Mobile Security detected a 141% increase in Banking Trojan activity between Q3 and Q4 2020. Most Banking Trojans are distributed via mechanisms such as phishing SMS messages to avoid Google’s screening process. During its research, McAfee discovered Brazilian Remote Access Tool Android (BRATA) – a popular banking Trojan – that repeatedly managed to get onto the Google Play store and as a result, tricked thousands of users into downloads.
“We’ve seen how the pandemic not only led to an increased dependence on mobile devices, but how it has prompted bad actors into developing new ways of tricking consumers and stealing their personal data. As well as these advanced forms of malware and deceit, we’ve seen that hackers are also returning to billing scams, but using new tricks,” said Raj Samani, McAfee Fellow and Chief Scientist.
“As consumers continue to carry out daily activities on-the-go, it is critical that they stay educated and proactive about protecting their personal data,” he said.