Top | |
Newsletter 6/28/2022 |
Back to Contents A Printable PDF of this post is available here. |
The Smartphone is now the attack surface
You
never call me when you're sober
The chart above details both the common and unique characteristics of certain types of malware attacking smartphones this calendar year. Clearly from the chart above, we see that there are more samples of malware attacking Android users than Apple's iOS. Nevertheless, this is not a complete list of current malware attacking smartphones. On June 23, 2022, Google published its findings on a particular piece of spyware that attacked both iOS (Apple) and Android smartphones. The hackers carefully circumvented the Apple Store controls against malware distribution from the Apple Store. Dubbed the "Hermit" spyware, the Verge reported that "the spyware can infect both Android and iPhones by disguising itself as a legitimate source, typically taking on the form of a mobile carrier or messaging app." On May 1, 2022, the Dispatches reported on the growing "Smishing" trend. Security vendor Proofpoint published a report March 9, 2022, that contended from the beginning of February 2022 to the end of February 2022, malware attacks on Smartphones rose by 500%. And there is no mystery as to why attacks on smartphones are increasing so dramatically. The smartphone holds the keys to our private and not so private lives, same as our desktops. As the TechTimes put it:
Usually, the cybercriminals behind these attacks have a common
goal to achieve: stealing confidential information from the users. These
include bank account details, email addresses, passwords, and usernames.
Indeed, most of the malware attacking smartphones are directed toward systems based on Android. Nonetheless, the newer and more sophisticated malware attacking smartphones is independent of any vendors' "store." Smishing and sending malware via SMS texting is becoming a very real problem, as well as one big nuisance. A current example was discovered that employs Chinese language based malware. This so-called "SMS Bomber Tool with Malware Hidden Inside," is presently very active. SMS Bomber, as the name indicates, allows a user to input a phone number (not their own) so as to flood the victim's device with messages and potentially render it unusable in what's a denial-of-service (DoS) attack.
A long running malware campaign that infected machines using the Apple
Safari web browser went undetected for 5 years.
The Hacker News, June 20, 2022, reported on a
Google effort that found "A security flaw in Apple Safari that
was exploited in the wild earlier this year was originally fixed in 2013
and reintroduced in December 2016, according to a new report from Google
Project Zero." The same article noted that "In early
February 2022, Apple shipped patches for the bug across Safari, iOS,
iPadOS, and macOS, while acknowledging that it "may have been actively
exploited." ON YOUR PHONE using the phone's web browser, like Safari on an iPhone. Click the appropriate button for your device's operating system. Follow the prompts to install. Or follow the steps in the first posting about MSDefender.
There is a malware process known as msdefender.exe.
It is not the antimalware application from Microsoft and predates the
application discussed herein. Just setting the record straight.
It's kinda my job. Lock it
down for the quarantine — Lock It Down (Quarantine Love), Blair Edwards |
Back to Top Gerald Reiff |
Back to Top | next post → |