
Cyber threats in mobile environment

Pierluigi Paganini April 20, 2012

Today I want to share the results of a study by the security firm Trend Micro on mobile threat incidents in the first quarter of 2012. The wide diffusion of mobile devices and the lack of awareness of the principal cyber threats have increased cybercrime's interest in the mobile sector; the Android platform is the most affected, with more than 5,000 new malicious apps. The study covers every kind of mobile device, including laptops, tablets and global positioning system (GPS) devices. Companies and governments must be aware of the risks of misusing these powerful instruments, which can expose sensitive information if their owners do not take the necessary precautions.

The true revolution in the information technology world is the development and deployment of mobile systems, machines with processing capacity equal to that of a common desktop. Why do we consider mobile systems so valuable? They are in some ways an extension of ourselves: they follow us everywhere, track our position, know our contacts (email addresses, phone numbers) and manage our appointments, and when we surf the web through them we indirectly provide information on our customs and habits.

As announced, the study reveals that Android-based smartphones suffered more cybercriminal attacks because of their increasing exposure to cyber threats. Thanks to their convenience, smartphones and tablets are becoming the preferred tools for browsing the Internet. The percentage of network accesses from these devices has increased significantly; the trend was evident in all countries, with the UK showing the largest increase in smartphone usage, from 30 to 45% of the total population.

We have observed increasing attention from cybercrime to the mobile sector. Cyber criminals often exploit security vulnerabilities in legitimate mobile apps, which makes data extraction and information gathering easier. The purpose is to steal sensitive information from users, such as banking credentials, but not only that: cyber espionage is another phenomenon that has exploded, as cyber criminals and government spies have discovered how convenient it is to spy on an individual simply by controlling their mobile device. Malicious apps are able to control emails, SMS messages, GPS location and voice communications.

Another threat of serious concern is the rapid spread of botnets based on mobile devices. It is favored by the almost total absence of protection mechanisms, which makes these botnets difficult to tackle, and by the difficulty of tracing the agents that compose the network. These cyber threats must alert private industry and especially institutional environments: the risk of data exposure is really high and, because the sector is still young, we are still too vulnerable. Cyber criminals and government agencies are aware of the importance of the information that can be gained from our mobile devices and are therefore showing high interest in the field. Hacker groups like Anonymous will pose a bigger threat to organizations that protect highly sensitive data, targeting companies and individuals for various political reasons. We have registered an exponential growth of malware designed to attack mobile systems and steal sensitive information useful for committing fraud, with the banking sector heavily affected. Don’t forget that hacktivism is considered one of the most serious threats by all the governments of the world.

The scenario of a mobile attack is always the same: app stores are the sites for software download, and mobile apps are the programs users download onto their mobile devices. Users who download from app stores may be downloading a compromised app infected with malware. The number of applications available in the stores is increasing day by day, especially for open platforms like Android. Consider also that there are third-party stores that provide alternative apps, but downloading from these unofficial channels is very dangerous for end users. The main problem with alternative app stores is that they are not sufficiently controlled, or that they can be managed by cyber criminals to provide fake copies of legitimate applications modified to carry out fraud.

Because of the variety of malware targeting the Android OS, several companies have tried to categorize it according to the fraud and attack scheme implemented. The categorization proposed by Trend Micro follows.

As previously mentioned, Android Market has fewer restrictions when it comes to registering as a developer. The strategy is meant to encourage app developers to adopt the platform; of course, it also makes it easier for cybercriminals to upload their malicious apps or Trojanized counterparts of legitimate apps. The following are some of the noteworthy incidents, listed by Trend Micro, that leveraged this loophole:

  • We analyzed several Trojanized applications found in the Android Market detected as ANDROIDOS_LOTOOR.A. One of these apps is the game Falling Down, which renders similar to the clean version. Once installed, the Trojanized version asks for more access permissions. It also gathers device information like IMEI and IMSI numbers and roots affected devices.
  • One of the malware variants found in the Android Market is the notorious DroidDreamLight variant. Trend Micro researchers found an app that promotes itself as a .APK file management tool. However, instead of helping users, this app (detected as ANDROIDOS_DORDRAE.M) collects device-related information and uploads it to remote servers. It was immediately taken off the Android Market.
  • Google released the Android Market Security Tool in the Android Market. Cybercriminals, on the other hand, were not deterred by this tool and even released a Trojanized version. Detected as ANDROIDOS_BGSERV.A, it acts as a backdoor that gathers information from the device and sends these to a remote URL.

Cybercriminals have also created and distributed malware using the names of popular apps that are not yet available on the Android Market. Android users anticipating these games are the likely victims of this ruse. A recent example is a fake version of Temple Run we found in the Android Market.

The report alerts mobile users to the extension of common threats, such as advanced persistent threats (APTs), to mobile environments. Because of the nature of these attacks, they are considered “campaigns” rather than singular “incidents”. The introduction of mobile devices has considerably increased the attack surface, making these attacks more frequent. Mobile devices are simple to infect through any infected media.

The report provides some interesting data related to the “Luckycat Campaign” linked to 90 attacks targeting several industries in Japan and India as well as Tibetan activists in 2011. The attacks exploited several vulnerabilities in Microsoft Office as well as Adobe Reader, Acrobat, and Flash Player via specially crafted email attachments.

But mobile is synonymous with social: social networks are the applications that benefit most from mobility, revolutionizing the concept of privacy. The imperatives are “be social” and “share”, two concepts that expose millions of unsuspecting users to serious cyber threats. By exploiting the “social” model with different techniques, it is possible to reveal personal data to other parties.
This situation is even more dangerous if we consider that the accesses are made via mobile devices. We have discovered many vulnerabilities in these platforms and in the applications that run on them; consider also the increase in malware developed with the specific intent of stealing any kind of information from these instruments.

As predicted, cyber criminals are exploiting new vectors to spread their attacks. The report ends with some interesting data on email spam and ransomware, two cyber threats in constant growth. Mobile phone spam is a form of spamming directed at the text messaging service of a mobile phone. It is described as mobile spamming, SMS spam, text spam or mspam. Spam can lure a user into visiting an infected site or following a link to download a malicious application.

This quick overview of the mobile universe is meant to spread awareness of emerging cyber threats, which unfortunately is still low today. The increased diffusion of mobile devices and their increasing processing capacity give cybercrime, and even governments, a strong motive to spy on users.
For now, the concepts of security and mobility clash, and there is still much to do …

Pierluigi Paganini

