News Feed Item

McAfee Labs Report Sees Mobile Malware Target Trust in Early 2014

McAfee Labs today released the McAfee Labs Threats Report: June 2014, revealing mobile malware tactics that abuse the popularity, features and vulnerabilities of legitimate apps and services, including malware-infested clones masquerading as the popular mobile game Flappy Birds. The report highlights the need for mobile app developers to be more vigilant about the security of their apps, and encourages users to be mindful when granting permission requests that criminals could exploit for profit.

The manipulation of legitimate mobile apps and services played a key role in the expansion of mobile malware at the beginning of 2014. McAfee Labs found that 79 percent of sampled clones of the Flappy Birds game contained malware. Through these clones, perpetrators were able to make phone calls without user permission, install additional apps, extract contact list data, track geo-location and establish root access for uninhibited control over anything on the device, including the recording, sending, and receiving of SMS messages.

Beyond app reputation, McAfee Labs saw notable examples of mobile malware that take advantage of the features of trusted apps and services, including:

  • Android/BadInst.A: This malicious mobile app abuses app store account authentication and authorization to automatically download, install and launch other apps without user permission
  • Android/Waller.A: This Trojan exploits a flaw in a legitimate digital wallet service to commandeer its money-transfer protocol and transfer money to the attacker’s servers
  • Android/Balloonpopper.A: This Trojan exploits an encryption method weakness in the popular messaging app WhatsApp, allowing attackers to intercept and share conversations and photos without users’ permission

“We tend to trust the names we know on the internet and risk compromising our safety if it means gaining what we most desire,” said Vincent Weafer, senior vice president for McAfee Labs. “The year 2014 has already given us ample evidence that mobile malware developers are playing on these inclinations to manipulate the familiar, legitimate features in the mobile apps and services we recognize and trust. Developers must become more vigilant with the controls they build into these apps, and users must be more mindful of what permissions they grant.”

Each quarter, the McAfee Labs team of 450 multidisciplinary researchers in 30 countries follows the complete range of threats in real time, identifying application vulnerabilities, analyzing and correlating risks, and enabling instant remediation to protect enterprises and the public.

Additional Key Findings

  • Mobile on the move: McAfee Labs’ “zoo” of mobile malware samples grew by 167 percent between Q1 2013 and Q1 2014
  • Suspicious URLs: New suspect URLs set a three-month record with more than 18 million, a 19 percent increase over Q4 2013 and the fourth straight quarterly increase
  • Signed malware: New malicious signed binaries remain a popular form of attack, increasing by 46 percent in the first quarter of 2014
  • Master boot record malware: New threats attacking the master boot record increased by 49 percent in the first quarter, reaching an all-time high for a single quarter
  • Ransomware in repose: Ransomware sample counts have dropped for three straight quarters
  • Botnets and currency mining: McAfee Labs saw botnet providers include virtual currency mining capabilities with their services, reflecting the increasing popularity of digital currencies such as Bitcoin

To read the full McAfee Labs Threats Report: June 2014, please visit: http://mcaf.ee/5q3wh

About McAfee Labs

McAfee Labs is a leading source for threat research, threat intelligence, and cybersecurity thought leadership. The McAfee Labs team of 450 researchers collects threat data from millions of sensors across key threat vectors—file, web, message, and network. It then performs cross-vector threat correlation analysis and delivers real-time threat intelligence to tightly integrated McAfee endpoint and network security products through its cloud-based McAfee Global Threat Intelligence service. McAfee Labs also develops core threat detection technologies—such as McAfee DeepSAFE technology, application profiling, and graylist management—that are incorporated into the broadest security product portfolio in the industry. http://www.mcafee.com/us/mcafee-labs.aspx

About McAfee

McAfee, part of Intel Security and a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com

Note: McAfee is a trademark or registered trademark of McAfee, Inc. in the United States and other countries. Other names and brands may be claimed as the property of others.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
The IoT Will Grow: In what might be the most obvious prediction of the decade, the IoT will continue to expand next year, with more and more devices coming online every single day. What isn’t so obvious about this prediction: where that growth will occur. The retail, healthcare, and industrial/supply chain industries will likely see the greatest growth. Forrester Research has predicted the IoT will become “the backbone” of customer value as it continues to grow. It is no surprise that retail is ...
Evan Kirstel is an internationally recognized thought leader and social media influencer in IoT (#1 in 2017), Cloud, Data Security (2016), Health Tech (#9 in 2017), Digital Health (#6 in 2016), B2B Marketing (#5 in 2015), AI, Smart Home, Digital (2017), IIoT (#1 in 2017) and Telecom/Wireless/5G. His connections are a "Who's Who" in these technologies, He is in the top 10 most mentioned/re-tweeted by CMOs and CIOs (2016) and have been recently named 5th most influential B2B marketeer in the US. H...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of bus...
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO and DXWorldEXPO are two of the most important technology events of the year. Since its launch over eight years ago, @CloudEXPO and DXWorldEXPO have presented a rock star faculty as well as showcased hundreds of sponsors and exhibitors! In this blog post, we provide 7 tips on how, as part of our world-class faculty, you can deliver one of the most popular sessions at our events. But before reading...
DXWorldEXPO LLC announced today that "Miami Blockchain Event by FinTechEXPO" has announced that its Call for Papers is now open. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Financial enterprises in New York City, London, Singapore, and other world financial capitals are embracing a new generation of smart, automated FinTech that eliminates many cumbersome, slow, and expe...
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will be held June 5-7, 2018, at the Javits Center in New York City, and November 6-8, 2018, at the Santa Clara Convention Center, Santa Clara, CA. Digital Transformation (DX) is a major focus with the introduction of DX Expo within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive ov...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER give you detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPO also offers s...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
@DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the world's largest enterprises - and delivering real results.
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to work together. The number of software platforms, apps, hardware and connectivity standards is creating paralysis among businesses that are afraid of being locked into a solution. EdgeX Foundry is unifying the community around a common IoT edge framework and an ecosystem of interoperable components.
"We started a Master of Science in business analytics - that's the hot topic. We serve the business community around San Francisco so we educate the working professionals and this is where they all want to be," explained Judy Lee, Associate Professor and Department Chair at Golden Gate University, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.