8 August 2014
McAfee Labs has observed rapid mobile malware growth in prior quarters, and the first quarter of 2014 has been no exception. Most mobile malware theft occurs when attackers compromise the standard device application programming interfaces (APIs) to steal sensitive user information. Essentially, the attackers infiltrate the standard features within the mobile device platform with their malware. In recent instances, McAfee Labs researchers discovered that malware developers are also targeting legitimate apps and services for mobile devices.
Digital wallet services are also at risk. Trojan Android/Waller.A exploits a flaw in the digital wallet service to take a user’s money, and interferes in the money-transfer protocol in the Visa QIWI Wallet. The malware tricks users into downloading it by masking itself as an Adobe Flash Player or other legitimate app, and is hidden from the home screen of a device once downloaded. Once it has access to a device, the malware searches for a digital wallet and transfers any money in the account to the attacker’s server.
Another Trojan known as Android/Balloonpopper carried out exploits through the popular messaging app WhatsApp. McAfee Labs researchers discovered that the malware appeared harmless by disguising itself as app BalloonPop, but instead stole conversations and photos stored on a user’s WhatsApp and sent them back to the attacker. While the WhatsApp vulnerability has been fixed, there is a strong likelihood that attackers will continue to create similar types of breaches.
Stronger Mobile Protection Is Necessary
As mobile malware becomes more sophisticated by leveraging legitimate apps and standard platform features to circumvent basic mobile security, it is clear that stronger protections are necessary. McAfee Labs believes that app developers need to protect their apps from unauthorized use, and app stores need to ensure that data access only comes from authenticated and authorized apps. These crucial precautions will help secure apps with higher privileges that deal with finances and other sensitive data. Basic user maintenance such as upgrading apps to fix security issues, avoiding unsafe apps, and denying permission to unfamiliar apps, will also go a long way in maintaining mobile security.