McAfee reports a surge of malware hidden in COVID-19 vaccine appointments
McAfee has released its latest Mobile Threat Report that finds a surge in new attacks targeting people’s anxiety around COVID-19.
McAfee revealed last year that hidden apps on mobile devices were the most significant threats facing consumers. And, after a year of lockdowns and increased time spent online and on devices, attackers are taking advantage of this with a host of new approaches.
Over the past year, the vaccine rollout has provided new opportunities for online attacks. McAfee's researchers found attackers are hiding malware and malicious links inside fake vaccination appointments and registration display ads.
According to the research, some of these campaigns started as early as November last year, before any vaccines had officially been approved, while others continue to appear as countries roll out their vaccination programmes.
“The pandemic changed the way consumers live, meaning hackers have adapted to switch up the various methods they use to target consumers,” says McAfee senior vice president, Consumer Business Group, Judith Bitterli.
“With more people connected online than ever before, we want to make sure we are doing everything possible to help refocus consumer’s digital mindsets to protect what matters to them and their friends and family and their personal data.
“Mobile threats remain prevalent in our world, and as fraudsters use more advanced methods, this will only continue. We aim to support consumers in safeguarding their personal devices and, more importantly, personal data.”
McAfee fellow and chief scientist, Raj Samani, says the pandemic has led to an increased dependence on mobile devices, which has also prompted bad actors to develop new ways of deceiving consumers and stealing personal data.
“As well as these advanced forms of malware and deceit, we’ve seen that hackers are also returning to billing scams, but using new tricks,” says Samani.
“As consumers continue to carry out daily activities on the go, it is critical that they stay educated and proactive about protecting their personal data.”
McAfee’s Mobile Threat Report 2021 highlights several mobile threat trends:
- According to the McAfee COVID-19 Dashboard, more than 90% of all pandemic-related malware took the form of Trojans. SMS and WhatsApp messages encouraged users to download a vaccine app, and once downloaded, the malware sent itself to everyone in the user’s contact list via SMS or WhatsApp. The malware behind this is the same family involved in India’s ban on Tik-Tok last July.
- McAfee's researchers have also uncovered new information on mobile malware dubbed Etinu. It was found being distributed via Google Play, with more than 700K downloads before being detected and removed. Once an app harbouring this malware is installed via the Google Play Store, the malware steals incoming SMS messages using a Notification Listener function. It can then make purchases and sign up for premium services and subscriptions charged to the user’s account.
- McAfee Mobile Security detected a 141% increase in banking trojan activity between Q3 and Q4 2020. Most banking trojans are distributed via mechanisms such as phishing SMS messages to avoid Google’s screening process. McAfee discovered Brazilian Remote Access Tool Android, a popular banking trojan, that repeatedly managed to get onto the Google Play Store during its research. As a result, it tricked thousands of users into downloading.