Recommended mobile app: OPSWAT Metadefender
In their race for customers, banks and financial institutions need to maximize the usability and flexibility of their services. Thus, mobile banking applications were a natural step forward as they enabled customers to make use of their banking services virtually anywhere. It became very easy to check the account balance, make transfers or deliver payments from the tip of one’s fingers. However, wherever there’s a way to manage money, there’s also valuable information for cyber criminals. Wherever there is convenience, there is also lesser security. This context, along with the mere negligence still governing the mobile world, contributed to the rise of mobile malware designed to steal the credentials used for mobile banking applications. Such credentials can be used to conduct banking transactions in the name of the victim, with little or no chance of being discovered. Such transactions do not trigger any alert irrespective of the security measures at the banks because usually there is no way to assess the legitimacy of the request.
Mobile malware uses two strategies to get installed on a device and extract the target information:
Statistics:
According to research commissioned by Arxan Technologies, in partnership with IBM, involving surveys and security assessments of more than 120 popular banking and mobile healthcare apps, “90% of the tested applications had at least two critical vulnerabilities”.
This mobile malware started as an Android backdoor, allowing cyber criminals to run commands on the mobile device, from a remote location. It allowed attackers to intercept SMS messages, send SMS messages to a given number from the device, or change the device control number. It then evolved allowing more commands to be executed and displaying phishing windows overlaid on top of popular apps such as WhatsApp, Gmail, Twitter, Instagram or Skype to steal social networking credentials. Next, it began to target mobile banking apps so, in 2016, it is known to target at least 30 mobile banking applications worldwide.
Read more: https://securelist.com/blog/research/73777/the-evolution-of-acecard/
This malware comes in over 170 variants and once installed can monitor the running processes, detect over 30 legitimate mobile banking applications and display fake login windows on top of them. It can harvest credentials and communicate them to a command server, together with other device information useful for the attackers (phone number, installed apps, etc.).
Read more here: http://www.securityweek.com/android-banking-trojan-slembunk-targets-users-worldwide
Gugi is a very aggressive, new breed of mobile banking malware which gets installed through SmiShing (the user gets an SMS notification claiming there is a new MMS image available for download). Once the user opens the link, it gets installed and bypasses latest security features in Android 6, forcing the user to grant the overlay permission. Ultimately it overlays the UI of typical banking clients in Russia.
Read more here: https://securelist.com/blog/mobile/76023/gugi-from-an-sms-trojan-to-a-mobile-banking-trojan/
This malware disguises itself as a legitimate popular application (like Pokemon Go) and looks the same as the original, except it also has functionality to download and install the malicious code. It can then send or delete SMS messages, record text activity and perform banking operations on the victim’s behalf, once the credentials to the banking app are stolen.
Read more here: http://www.securityweek.com/tordow-android-trojan-gets-root-privileges-new-attacks
Mobiles are no safer than PCs, in fact, because of many convenience features, they may be far more dangerous for the individuals who use mobiles to carry out financial transactions. Apps are less secure, and privacy is always at stake with the myriad of legitimate services requiring various related privileges. Obviously, there are (many) ways in which we can become victims of mobile attacks, and we have a lot to lose. To stay safe and significantly reduce the risk of this happening, follow these basic best practices:
Liked this article? Follow us on LinkedIn for more, or subscribe to our newsletter.
References:
https://www.arxan.com/2016/01/12/arxans-5th-annual-state-of-application-security-report-reveals-disparity-between-mobile-app-security-perception-and-reality/
This post was last modified on August 21, 2023 7:27 am
In the digital world, information is often stored and transferred through files. From the most…
Introduction Data security is more important than ever in today's fast-paced digital world. One critical…
Introduction: Cyber threats are a growing concern for businesses and individuals alike. With the increasing…
Microsoft Internet Information Services (IIS) is a popular web server that is widely used to…
File tracking is an important aspect of server administration, and it can help administrators detect…
File monitoring solutions are essential tools for administrators to manage and protect their organizations' data…