It may not have been the busiest month in terms of Android malware, but it was certainly a busy month for cyber security. There were still some significant Android malware developments: more PC ransomware made the jump to Android, and more Malware-as-a-Service threats have been discovered for sale on the underweb. eBay was the victim of a significant security breach when millions of users' personal data was stolen from eBay servers.
Symantec Vice President of Information Security, Brian Dye, shared some interesting thoughts on antivirus software. Unknowingly, the University of Columbia, in association with the Greek Foundation for Research and Technology, provided evidence supporting Mr. Dye's statements. But can Mr. Dye be both right and wrong at the same time? Of course he can!
Cybersecurity on all platforms is very much a game of cat and mouse with cybercriminals. The strongest tool for true cybersecurity is knowing what to look for. The following are the important developments of May 2014.
CryptoLocker is one of the most robust and successful PC ransomware threats of all time, and now it has the added capability to infect and seize control of Android devices. The only bright side of this threat is that, though it is automatically downloaded, it is NOT automatically installed. If you know what you're looking for and you practice safe web-surfing, you can avoid this threat.
CryptoLocker is automatically downloaded when the victim visits a malicious website. The malicious file downloaded appears to have unseemly pornographic subject matter (e.g. child pornography, bestiality, etc.). Delete this file immediately and you're in the clear; install this file and say goodbye to $300.
CryptoLocker puts the device in lockdown. The victim can toggle between the device home screen and a ransom note stating that a government agency has locked the device for viewing illegal content. The victim must pay a fine or a criminal case will be opened against them. The government agency and the threat of legal action are fake, but the contents of the infected device are 100% locked. If the victim wishes to regain access to their device and their information, they have no choice but to pay the "fine."
CryptoLocker can infect devices in 31 different countries, including the US, Canada, Mexico, and a large percentage of Europe. CryptoLocker is robust and dangerous; avoid it like the plague if you can. Be on the lookout for similar PC-style threats making their way to the Android platform.
The Android iBanking Trojan was formerly an elitist Malware-as-a-Service threat with a hefty price tag of $5,000. But recently the iBanking source code was published online and iBanking activity has skyrocketed.
Many banks have adopted 2-step verification for online banking: logging into the bank account online requires a special PIN number sent to the phone number listed on the account. The iBanking Trojan is designed to thwart 2-step verification by stealing the SMS messages containing the PIN number for the bank account. Using your stolen login credentials and the 2-step verification PIN number, cybercriminals can log into your bank account and pay themselves for their handiwork.
It is often the simplest things that go unnoticed, and that was exactly the case for a series of fake applications hosted on Google Play. These paid applications were discovered to perform no valuable function in any way. They were nothing more than expensive app icons.
Simplicity itself was how these fake apps were able to sneak onto the Google Play store. Google's security system scans for malicious functions, but it doesn't check for apps that have no function at all.
Google shut down these fraudulent applications before the developer could collect his money. Users affected by any of these fraudulent apps should contact Google for a refund.
According to Brian Dye, the Vice President of Information Security at security firm Symantec, "antivirus is dead." I believe that declaration is a bit melodramatic; I prefer to think of antivirus as gravely wounded but still fighting the good fight.
The reality is that, yes, new Android threats (and PC threats) are developing complex rules to evade detection, and they are doing quite a good job of it. But antivirus has fought the losing battle before, only to adapt and overcome. To become dominant as it once was, antivirus must develop new means of detecting malware.
But antivirus is NOT dead. Antivirus still plays a key role in personal and professional cyber security. Old malware threats litter the web, and antivirus software plays an integral role in detecting and preventing these threats from infecting your device. Don't give up on antivirus just yet; 'tis but a flesh wound.
While not specifically related to Android, this was a significant cyber security event for the month of May. The eBay data breach resulted in millions of account usernames and passwords for the popular online auction site being stolen by hackers. Other individually identifiable information was lost in this data breach, including:
- Email addresses
- Physical addresses
- Phone numbers
- Birth date information
The only positive note about this breach was eBay's recommendation to users to change the password for their eBay account and also any other account that shared the same password. Consider all accounts using the stolen eBay password to be compromised.
I encourage readers concerned about their eBay account to also read the parent article for this data breach to learn how to make a strong password to protect your account for the future.