With malware and other security threats
continue to chase mobile users, a new McAfee report reveals mobile app
providers have been slow to address the most basic SSL vulnerabilities
– improper digital certificate chain validation.
In
September 2014, the Computer Emergency Response Team (CERT) at Carnegie
Mellon University released a list of mobile apps possessing this
weakness, including apps with millions of downloads to their credit.
Related Stories
Intel
Security's McAfee Labs Threats Report: February 2015, includes
assessments of the mobile threat landscape and the failure of mobile app
developers to patch critical secure sockets layer (SSL)
vulnerabilities, potentially impacting millions of mobile phone users.
MWC 2014: McAfee releases free version of Mc...McAfee Mobile SecurityMcAfee to offer free mobile security to Indi...mcAfee Mobile SecurityTop 15 Android games that you should play3 easy steps for maximum performance for you...
McAfee
Labs also revealed details on the increasingly popular Angler exploit
kit, and warned of increasingly aggressive potentially unwanted programs
(PUPs) that change system settings and gather personal information
without the knowledge of users.
The new report comes shortly after F-Secure released a similar report highlighting growth of malware and banking related threats for Internet users in India.
In
January, McAfee Labs tested the 25 most popular apps on CERT’s list of
vulnerable mobile apps that send login credentials through insecure
connections and found that 18 still have not been patched despite public
disclosure, vendor notification, and, in some cases, multiple version
updates addressing concerns other than security. McAfee Labs researchers
simulated man-in-the-middle (MITM) attacks that successfully
intercepted information shared during supposedly secure SSL sessions.
The vulnerable data included usernames and passwords and in some
instances, login credentials from social networks and other third party
services.
Although there is no
evidence that these mobile apps have been exploited, the cumulative
number of downloads for these apps ranges into the hundreds of millions.
Given these numbers, McAfee Labs’ findings suggest that the choice by
mobile app developers to not patch the SSL vulnerabilities has
potentially put millions of users at risk of becoming targets of MITM
attacks.
“Mobile devices have become
essential tools for home to enterprises users as we increasing live our
lives through these devices and the applications created to run on them
,” said Vincent Weafer, SVP of McAfee Labs, part of Intel Security.
“Digital trust is an imperative for us to truly engage with and benefit
from the functionality they can provide. Mobile app developers must take
greater responsibility for ensuring that their applications follow the
secure programing practices and vulnerability responses developed over
the past decade, and by doing so provide the level of protection
required for us to trust our digital lives with them.”
Another
Q4 development followed closely by McAfee Labs was the rise of the
Angler exploit kit – one of the cybercrime-as-a-service economy’s latest
contributions to off-the-shelf tools delivering ever greater malicious
functionality. Researchers saw cybercriminals migrate to Angler in the
second half of 2014, when it surpassed Blacole in popularity among
exploit kits. Angler employs a variety of evasion techniques to remain
undetected by virtual machines, sandboxes, and security software, and
frequently changes patterns and payloads to hide its presence from some
security products.
This crimeware
package contains easy-to-use attack features and new capabilities such
as file-less infection, virtual machine and security product evasion,
and the ability to deliver a wide range of payloads including banking
Trojans, rootkits, ransomware, CryptoLocker, and backdoor Trojans.
The report also identified a number of other developments in the final quarter of 2014:
Mobile Malware. McAfee Labs reported that mobile malware samples grew
14 percent during the fourth quarter of 2014, with Asia and Africa
registering the highest infection rates. At least 8 percent of all
McAfee-monitored mobile systems reported an infection in Q4 2014, with
much of the activity being attributed to the AirPush ad network.· Potentially Unwanted Programs. In Q4, McAfee Labs detected PUPs on 91 million systems each day. McAfee Labs sees PUPs becoming more and more aggressive, posing as legitimate apps while performing unauthorized actions such as displaying unintended ads, modifying browser settings, or collecting user and system data.
· Ransomware. Beginning in Q3, the number of new ransomware samples began to grow again after a four-quarter decline. In Q4, the number of new samples grew 155 percent.
· Signed Malware. After a brief drop in new malicious signed binaries, the pace of growth resumed in Q4 with a 17 percent increase in total signed binaries.
· Total Malware. McAfee Labs now detects 387 new samples of malware every minute, or more than six every second.
No comments:
Post a Comment