Endless candy, an excuse to dress up as a character from your favorite comic book, and carving pumpkins with family… What’s not to love about Halloween? But witches, ghosts, and goblins aren’t the only things to fear this time of year. This Halloween, there’s a different kind of spooky story—mobile hacks. Mobile security threats are only growing, and new hacks are popping up faster than you can say “trick or treat.” Gather ‘round as we share four mobile hacks of 2016 that left us afraid to sleep with the lights off.
What’s Scarier Than Malware? Ghost Malware: Two years ago we uncovered a Trojan infecting Android devices running v. 5, and two years later it’s still on the loose, as many users haven’t transferred to updated systems that cleared the infection. We deemed the Trojan “Ghost Push,” as it dons several costumes in order to gain access to devices and their data. The malware starts its attack by posing as an application or plug-in, and finally disguises itself as Google Play, asking the user to disclose credit card information. Once Ghost Push makes its way into the mobile device, a second phishing overlay requests the victim’s phone number and date of birth. Ghost Push is one shady character that you don’t want to run into, so keep your device updated and avoid third-party app stores.
Hackers Are Total Brand Snobs: Brands used to pop up on soda cans and billboards, but today they’re everywhere you look, both offline and on. We ‘like’ their pages, ‘follow’ them, and download their apps, and cyber attackers are catching on. Brand-associated apps lined with malicious files are popping up left and right, with 248,701 malicious apps discovered in 2016. A big name is sometimes all of the validation we need to trust an app. Downloading a brand’s app can come in handy for special deals, new content, and customer service, but malicious apps are like the neighbors who hand out toothpaste on Halloween. Malware? No thanks! Skip this one and be extra cautious when you download a brand’s mobile app. Your phone will thank you.
Cat Videos and Malware: YouTube is everyone’s favorite distraction. What starts with Beyoncé’s latest music video quickly spirals into an endless black hole of entertainment. Cyber criminals love to take the fun out of everything, and YouTube was the latest victim when hidden voice commands were uncovered. That’s right, just having your phone nearby while you scroll through videos could be enough to infect your device. By embedding a manipulated voice saying “Ok Google,” criminals can alert your device and control it, all without your knowledge. Luckily, this hack hasn’t taken off just yet, but the possibility is present. To avoid this hack, consider turning off the always-on mode for your microphone.
Spooky Spyware Malware Hits Android: Earlier this year, SpyLocker, an Android banking malware, targeted customers of large banks in Australia, Turkey, and New Zealand. The mobile malware dressed up in one of the year’s trendiest costumes, a Flash Player, and stole login credentials from 20 different banking apps. Android devices both old and new were targeted, leaving call logs, incoming SMS messages, and other personal information in hackers’ hands. Does the thought of a criminal reading your text messages give you the heebie-jeebies? Us, too.
Did we leave you scared? Being cautious is the key to mobile security, and comprehensive software is the garlic that keeps hackers at bay. Try McAfee® Mobile Security, free for both Android and iOS, and lock down your device, your data, and your privacy.
Have a spooktacular Halloween!
Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.