Dangerous Apps

No fewer than six new pieces of malware are born each second, according to a recent report on various cyber threats.

The report focuses on the security of mobile applications and their potential to contribute to numerous security breaches. The editors examined the top 25 mobile apps that send user authorizations over insecure links.

According to February’s cyber threat report by McAfee Labs, most of the apps continue to run without the vulnerabilities being fixed. This is despite version updates, which, it turns out, may only make matters worse.

The team used man-in-the-middle (MITM) simulations to track and intercept supposedly secure SSL traffic. The simulations revealed that usernames and passwords can be harvested, along with entry authorizations. As these apps are downloaded by hundreds of millions of users, SSL vulnerabilities have become a major concern for any business, especially given the ongoing transition of employees from desktops to smartphones.

Another major trend the report cites concerns the successor to the Blacole malware. The person behind it was jailed at the end of 2013. Now the void has been filled by Angler, an off-the-shelf software package available on the dark web and designed to carry out attacks. Using Angler does not require computer savvy. It mostly targets browsers such as Internet Explorer, Chrome and Firefox. It can also exploit security flaws in software such as Adobe Flash and Java.

When a potential victim accesses a high-risk server using a compromised browser, the server redirects the user to an intermediary server, which in turn passes the request on to the malicious server hosting the landing page used to carry out the attack. The page tests for plugins, and if it finds an insecure plugin, the malicious server delivers the payload, thereby infecting the machine.
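As an added example (not taken from the report or the original article), the redirect chain described above can be hunted in web-proxy logs: the sketch follows redirects per client and flags a chain that crosses at least two hosts and ends with a plugin download from the landing host. The log layout, host names and thresholds are constructed assumptions.

```python
from urllib.parse import urlsplit

# Content types served to the plugin families the article names (Flash, Java).
PLUGIN_TYPES = {"application/x-shockwave-flash", "application/java-archive"}
REDIRECTS = {301, 302, 303, 307, 308}

# Constructed proxy records: (time s, client, url, status, Location header, content type)
SAMPLE_LOG = [
    (100, "10.0.0.5", "http://news.example/story", 302, "http://hop.example/r?id=1", "text/html"),
    (101, "10.0.0.5", "http://hop.example/r?id=1", 302, "http://landing.example/index", "text/html"),
    (102, "10.0.0.5", "http://landing.example/index", 200, None, "text/html"),
    (104, "10.0.0.5", "http://landing.example/a.swf", 200, None, "application/x-shockwave-flash"),
    (200, "10.0.0.9", "http://shop.example/old", 301, "http://shop.example/new", "text/html"),
    (201, "10.0.0.9", "http://shop.example/new", 200, None, "text/html"),
    (300, "10.0.0.7", "http://video.example/player.swf", 200, None, "application/x-shockwave-flash"),
]

def host(url):
    return urlsplit(url).hostname

def find_chains(records, min_hops=2, window=30):
    """Return (client, hosts_in_chain, plugin_url) for each cross-host redirect
    chain followed within `window` seconds by a plugin fetch from its last host."""
    alerts = []
    pending = {}  # (client, url the redirect points at) -> hosts seen so far
    landed = {}   # (client, landing host) -> (hosts in chain, landing time)
    for ts, client, url, status, location, ctype in sorted(records, key=lambda r: r[0]):
        hosts = pending.pop((client, url), [host(url)])
        if status in REDIRECTS and location:
            nxt = host(location)
            # Same-host redirects (http->https, renamed pages) do not add a hop.
            pending[(client, location)] = hosts + [nxt] if nxt != hosts[-1] else hosts
        elif len(hosts) - 1 >= min_hops:
            landed[(client, hosts[-1])] = (hosts, ts)
        if ctype in PLUGIN_TYPES:
            hit = landed.get((client, host(url)))
            if hit and ts - hit[1] <= window:
                alerts.append((client, hit[0], url))
    return alerts

if __name__ == "__main__":
    for client, hosts, plugin_url in find_chains(SAMPLE_LOG):
        print(client, " -> ".join(hosts), "then", plugin_url)
```

The same-host redirect and the direct Flash download in the sample are benign cases that the chain requirement filters out.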

Aside from convenience and efficiency for the average hacker, Angler also features advanced capabilities such as downloading directly into memory to compromise the target and evading virtual machines and security products, alongside means of mining data feeds. These include banking Trojans, ransomware, rootkits, CryptoLocker and backdoor Trojans. As Angler keeps changing its patterns to cover its tracks, it is harder to detect.

Geographically speaking, the report highlights a 14% increase in the last quarter in the number of mobile malware in Africa and Asia. Both regions are also the ones with the highest risk of infection. The report also warns against Potentially Unwanted Programs (PUPs), stating that they adversely affect 91 million systems each day. These programs mostly pose as legitimate apps, but then carry out unauthorized actions such as gathering user data and system data.

Meanwhile, ransomware, which has fueled the imagination of many TV series writers, has been recovering nicely after a long period of decline. In the last quarter of 2014, its numbers jumped by 150%. Malicious signed binaries, after a decline in their number, are also making a comeback, with a 17% increase.