Blue Coat sounds alarm on escalating mobile malware
Blue Coat Systems has sounded the alarm for individual and organisations to strengthen defences around mobile devices after seeing an escalation in insidious and malicious mobile attacks.
The security vendor’s annual State of Mobile Malware report shows cyber blackmail – or mobile ransomware attacks – led the way as the top malware type in 2015, along with the stealthy insertion of spyware on devices that allows attackers to profile behaviour and online habits.
Hugh Thompson, Blue Coat CTO and senior vice president, says as we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data the devices collect – something Blue Coat says is evident in the types of malware and attacks it is seeing.
And it isn’t just consumers under threat.
“The implications of this nefarious activity certainly carry over to corporate IT as organisations rapidly adopt cloud-based, mobile versions of enterprise applications, opening up another avenue for attackers,” Thompson notes.
“A holistic and strategic approach to managing risk must extend the perimeter to mobile and cloud environments — based on a realistic, accurate look at the problem — and deploy advanced protections that can prioritise and remediate sophisticated, emerging and unknown threats.”
This year’s survey shows ransomware, potentially unwanted software (Pus) and information leakage were the top types of mobile malware this year, with Blue Coat noting the world of mobile ransomware has grown dramatically over the past year.
“While some varieties that run on Android devices cause little damage beyond convincing victims to pay the cyber hostage-taker, many have adopted more sophisticated approaches common to ransomware in the Windows environment,” Blue Coat says.
The threats render music files, photographs, videos and other document types unreadable, while typically demanding an untraceable form of payment such as Bitcoin.
PUS exhibits behaviour typical of adware or spyware, spying on users’ online activity and personal data or serving extra ads, while information leakage malware watches users and reports out on a 24x7x365 basis.
“This information leakage is usually a minor drip, showing the version of their phone’s operating system, the manufacturer, the specific app or browser being used, or similar information,” Blue Coat says.
The report shows pornography returned as the number one threat vector, after dropping to number two last year. Blue Coat says when it sees a mobile user’s traffic heading to a malicious site, 36% of the time that user is following a link from a porn site.
WebAds, including malvertising attacks and sites that host Trojan apps designed to appeal to – you guessed it – porn site visitors, was the second most common threat vector, but accounted for less than 5% - a substantial drop from almost 20% last year.