Hackers are using hidden mobile apps, third-party login and counterfeit gaming videos to target consumers via their personal devices and such apps resulted in approximately 50 per cent of all malicious threats in 2019, a new McAfee 'Mobile Threat Report 2020' said on Wednesday. Last year, hackers targeted consumers with a wide variety of methods, from backdoors to mining cryptocurrencies. WhatsApp snooping via Israeli spyware Pegasus has shown smartphones have become new-age surveillance tools.
The research found that hackers have expanded the ways of hiding their attacks, making them increasingly difficult to identify and remove, which makes it seem like 2020 will be the year of mobile sneak attacks. "Hidden apps have emerged as the most active mobile threat category and it's highly advisable that consumers stay vigilant with regards to where they download apps from, what they click and also ensure they use the right security software on their devices, to enable detection and protection of their digital lives," explained Venkat Krishnapur, Vice-President of Engineering and Managing Director, McAfee India.
McAfee found that hidden apps are the most active mobile threat facing consumers, generating nearly 50 per cent of all malicious activities in 2019, a 30 per cent increase from 2018. Hackers continue to target consumers through channels that they spend the most time on -- their devices, as the average person globally is expected to own 15 connected devices by 2030. Hidden apps take advantage of unsuspecting consumers in multiple ways, including taking advantage of consumers using third-party login services or serving unwanted ads, said the report.
Hackers are taking advantage of the popularity of gaming by distributing their malicious apps via links in popular gamer chat apps and cheat videos by creating their own content containing links to fake apps. These apps masquerade as genuine with icons that closely mimic those of the real apps but serve unwanted ads and collect user data. McAfee researchers uncovered that popular apps like FaceApp, Spotify, and Call of Duty all have fake versions trying to prey on unsuspecting consumers, especially younger users.
The researchers also uncovered new information on mobile malware dubbed LeifAccess, also known as Shopper. This malware takes advantage of the accessibility features in Android to create accounts, download apps, and post reviews using names and emails configured on the victim's device. The team observed apps based on LeifAccess being distributed via social media, gaming platforms, malvertising, and gamer chat apps.
Fake warnings are used to get the user to activate accessibility services, enabling the full range of the malware's capabilities. They also found a series of South Korean transit apps were compromised with a fake library and plugin that could exfiltrate confidential files, called MalBus. "There exists a growing trend for many apps to remain hidden, stealing precious resources and important data from a device that acts as the remote control to consumers' digital world," said Raj Samani, McAfee Fellow and Chief Scientist.