Today, McAfee Labs released the McAfee Labs Threats Report: June 2014, which reveals mobile malware tactics that abuse popularity, features and vulnerabilities of legitimate apps and services, including malware-infested clones masquerading as the popular mobile game Flappy Birds.
The report highlights the need for mobile app developers to be more vigilant about the security of their apps, and encourages users to be mindful when granting permission requests that criminals could exploit for profit.
Notable examples of mobile malware that take advantage of the features of trusted apps and services, include:
- Android/BadInst.A: Abuses app store account authentication and authorization to automatically download, install, and launch other apps without user permission
- Android/Waller.A: Exploits a flaw in a legitimate digital wallet service to transfer money to the attacker’s servers
- Android/Balloonpopper.A: Allows attackers to intercept and share conversations and photos without users’ permission in WhatsApp
The McAfee labs team also identified the following trends:
- Mobile on the move: McAfee Labs’ “zoo” of mobile malware samples grew by 167 percent between Q1 2013 and Q1 2014
- Suspicious URLs: New suspect URLs set a three-month record with more than 18 million, a 19 percent increase over Q4 2013 and the fourth straight quarterly increase
- Signed malware: New malicious signed binaries remain a popular form of attack, increasing by 46 percent in the first quarter of 2014
- Botnets and currency mining: McAfee Labs saw botnet providers include virtual currency mining capabilities with their services, reflecting the increasing popularity of digital currencies such as Bitcoin
“It is easy to think that popular mobile apps are safe to use, especially when we see others use them as well, but this can actually make us complacent. Our studies on 2014 so far indicates that mobile malware developers manipulate features of trusted mobile apps to compromise users’ data and security when they let their guard down. Users should thus be more cautious of app permissions and developers should keep a close eye on the controls they build.”