Mobile Attackers Move to Malicious Advertisements: Report
Web advertising that directs mobile users to malicious download sites has become the leading vector of attacks on mobile devices, according to a report released March 5 by enterprise security firm Blue Coat Systems.
Malicious advertisements, or malvertising, has been a favorite method for cyber-criminals to spread programs that compromise victims' systems, steal information and empty bank accounts. Now, malicious mobile advertisements account for nearly 20 percent of all attacks seen by Blue Coat Systems' customers, stated the company's 2014 Mobile Malware Report.
Shopping has become the fifth most popular type of traffic on mobile devices, so it is not surprising that attackers are looking at ways to take advantage of users' interest in products, Sasi Murthy, senior director of product marketing for Blue Coat, told eWEEK.
"Cyber-crime is about low investment and high return," she said. "Cyber-criminals are just capitalizing on the trends we are seeing with mobile users."
Attacks on mobile devices continue to be linked to the less secure application ecosystems in Asia and Eastern Europe. Infection rates in North America continue to be low, with network security firm Kindsight estimating infections at 0.55 percent, although some antivirus vendors have estimates as high as 4 percent. Nearly all—99 percent—of current malware attacks focus on Android devices, according to Cisco's 2013 Annual Security Report.
The Blue Coat report acknowledges that attacks require at least four stages and a great deal of user interaction. In a typical rogue antivirus scheme, for example, a user must first click on a malicious advertisement, then agree to install an application and, finally, change the third-party application installation setting for the smartphone to allow non-Google Play applications to be installed.
"Mobile security still relies on the user to have the sense and the awareness to not click on these advertisements or to only purchase apps from legitimate marketplaces," Murthy said.
Because Blue Coat blocks the potential attacks, the company does not know how many of the attacks would have ultimately succeeded.
While attacks through Web advertisements have become the most common vector, pornography remains the most dangerous category for mobile users. While less than 1 percent of all mobile content requests sought pornographic content, the category accounts for more than 16 percent of all attacks.
Most malicious mobile software either steals personal information from the infected device or uses premium Short Message Service (SMS) communications to steal money. Data stolen from devices includes User-Agent stings, information on other apps, address book data and calendar data.
"The lack of transparency into an app's behavior sets users up to fail by putting them at greater risk for privacy violations," the report stated. "It also makes it impossible for users to make risk-based decisions about the apps they want to use and the information they want to share."