What this expensive ‘secure’ phone tells us about mobile hacking
Mobile security is a bit of a misnomer. Few of us can say we’ve been attacked by a piece of malware or have quarantined an actual virus. The odds are stacked against us. Mobile operators like Verizon and Sprint routinely scan for threats, and both Google Android and the Apple iPhone include multiple security measures […] more…SMiShing and the rise of mobile banking attacks
Brazilian cybercriminals are clearly setting their sights on users of mobile banking, with a huge rise in incidents registered in the country over the last two years. In order to carry out these attacks they are using SMiShing (phishing via SMS) and registering new mobile phish domains created especially for this purpose. In 2015, mobile […] more…KSN Report: Mobile ransomware in 2014-2016
Part 1. KSN Report: PC ransomware in 2014-2016 Download PDF version Statistics The activity of mobile ransomware, although not as widely covered in the media as PC ransomware, also skyrocketed over the period covered by this report. Especially in the second half. Fig. 12: The number of users encountering mobile ransomware at least once in […] more…Operation Daybreak
Earlier this year, we deployed new technologies in Kaspersky Lab products to identify and block zero-day attacks. This technology already proved its effectiveness earlier this year, when it caught an Adobe Flash zero day exploit (CVE-2016-1010). Earlier this month, our technology caught another zero-day Adobe Flash Player exploit deployed in targeted attacks. We believe the […] more…Wired Mobile Charging – Is it Safe?
Mobile phones. Nowadays, they are our constant companions, our confidants. They know everything about our everyday lives. Every day, whether we’re on our way to or from work or just wandering around the city, mobile phones collect this information. We take photos, share our impressions on social networks, send work and non-work related mails, text […] more…“Operation C-Major” Actors Also Used Android, BlackBerry Mobile Spyware Against Targets
By Shawn Xing, David Sancho, and Feike Hacquebord Last March, we reported on Operation C-Major, an active information theft campaign that was able to steal sensitive information from high profile targets in India. The campaign was able to steal large amounts of data despite using relatively simple malware because it used clever social engineering tactics against […] more…Mobile Devices Used to Execute DNS Malware Against Home Routers
Attacks against home routers have been going around for years—from malware that rigs routers to DNS rebinding attacks and backdoors, among others. Just last year one of our researchers reported a Domain Name System (DNS) changer malware that redirected users to malicious pages when they visited specific websites. This enabled cyber crooks to get hold of the […] more…Indian Military Personnel Targeted by “Operation C-Major” Information Theft Campaign
by David Sancho and Feike Hacquebord Are cyber-militant groups in Pakistan targeting the Indian military? This is our question when we came across an information theft campaign in India that has stolen passport scans, photo IDs, and tax information from 160 Indian military officers, military attaches stationed in the said country, consultants, and resellers. Some evidence suggests […] more…Attack on Zygote: a new twist in the evolution of mobile threats
The main danger posed by apps that gain root access to a mobile device without the user’s knowledge is that they can provide access to far more advanced and dangerous malware with highly innovative architecture. We feared that Trojans obtaining unauthorized superuser privileges to install legitimate apps and display advertising would eventually start installing malware. […] more…Mobile malware evolution 2015
The year in figures In 2015, Kaspersky Lab detected the following: 2,961,727 malicious installation packages 884,774 new malicious mobile programs – a threefold increase from the previous year 7,030 mobile banking Trojans Trends of the year Rise in the number of malicious attachments the user is unable to delete. Cybercriminals actively using phishing windows to […] more…Operation Emmental Revisited: Malicious Apps Lock Users Out
Imagine getting a notification from your bank, asking for your cooperation in installing an updated version of their mobile app. After downloading the app, it asks for administrator privileges. The notification you received said it would indeed prompt the question and so you allowed it. You try the app out and it works fine. You were […] more…iOS 9 is now on 75% of Apple’s mobile devices
Apple today updated its iOS adoption numbers to show that iOS 9 has finally hit the 75 percent mark. In other words, the latest version of the company’s mobile operating system is now on three out of every four of its devices. iOS 9 share (which includes iOS 9.1 and iOS 9.2) has taken less […] more…Attack of the 90s Kids: Chinese Teens Take On the Mobile Ransomware Trade
A new breed of cybercriminals has surfaced in China. They are bolder and more reckless than their more experienced veteran counterparts. All born in the 90s, these neophytes are not afraid to get caught, carelessly leaving a trail of traceable contact details online. They find and share readily available code and use those to make their […] more…Sextortion in the Far East Includes Mobile Spyware
Today, personal communication is greatly enabled and enhanced by various messaging apps that provide text messaging, voice calls, photo sharing, and even video chat. These apps are often found in smartphones—devices that have all the features of a desktop computer, plus Wi-Fi, cellular, GPS, and data connectivity. Cybercriminals have taken advantage of the convergence of the power of the smartphone […] more…Mobile Malware Gang Steals Millions from South Korean Users
Today we’re releasing our research paper on the operations of the Yanbian Gang—a Chinese cybercriminal group that use mobile malware to siphon off money from account holders of South Korean banks. They are able to transfer up to US$1,600 worth of local currency from victims’ accounts every single day since 2013. This investigation is the result […] more…Mobile Virtualization – Solving the BYOD Problem
For many users today, how they use technology is defined by mobile devices. Their primary device is not a desktop computer, or even a laptop. Instead, it’s a tablet or a smartphone. Instead of data stored on a hard drive or a USB stick, corporate data is now stored in the cloud and accessed as […] more…More information
- Size doesn’t matter – at least, not quite as much as smartphone privacy
- T-Mobile Data Breach Hits Over 2 Million Customers
- Tories change Twitter name to ‘factcheckUK’ during live TV debate
- China biggest, but not the only country engaged in cyberespionage
- PWN2OWN results – Java, Chrome, IE 10 and Firefox owned on Day One
- How Secure Scrum can help you build better software
- Bot Detection Firm Netacea Closes $12 Million Funding Round
- US Senators Call for Security Probe of TikTok
- Election Officials Face Security Challenges Before Midterms
- Neglected Step Child: Security in DevOps