Mobile Security Threats
More and more business is being done on mobile devices. With this new platform for commerce come new threats. Read below about a new malware affecting Android users called Hummingbad. Contact me to find out if and how this could affect your business and ensure your system is secure.
Android Users Face a New Malware Threat in Hummingbad
Most people engaged in legitimate business have no idea just how profitable hacking can be. Hummingbad is a case in point. Part of the “Hummer” family of Trojans, this bit of malware is the most widely installed Trojan in the mobile device ecosystem, impacting more than two billion Android users worldwide.
The Trojan originated in China and is most commonly found in China, India, and Pakistan, although when all its variants are counted, it has a global reach. To give you some idea of how profitable it is for the hackers who created it: based on the current rate of infection (about 1.4 million new installs per day), and assuming an average profit of $0.50 per new installation, which is the typical price users pay for what they think is a legitimate app, the creators of the Trojan are netting an impressive $500,000 per day, even after accounting for processing fees.
Once installed on a user’s mobile device, the Trojan gives itself root-level permission, which makes it virtually impossible to get rid of. At that point, virus scanners and anti-malware software cannot remove it. Even restoring to factory settings won’t get rid of it.
The software proceeds to install all manner of unwanted games and apps, including porn apps, and it does so at an alarming rate. In fact, tests were conducted on the Trojan to get a feel for just how active it was, and it was discovered that in the span of just a few hours, the Trojan accessed the network some 10,000 times, downloading more than two gigabytes of data. If you’re on a plan with tight data caps, then in addition to getting bombarded with huge numbers of unwanted apps that reappear not long after you delete them, Hummer and its variants could cost you big on your monthly cell phone bill, as you vastly exceed your data cap.
Although Hummer is the largest and most pervasive, it is by no means the only app of its kind, and it underscores the very real risks associated with downloading apps from non-trusted sources.
Macs Become More Common Target of Malware
In the old days, before the rise of the iPad and iPhone, hackers were mostly content to leave Apple alone. Apple had such a tiny slice of the computer market that it was generally deemed more trouble than it was worth to create a virus that would only impact such a small number of devices.
Times, however, have changed. Apple is now the largest technology company in the world, and as it has grown, it has become an increasingly attractive target. Recently, security researchers from antivirus vendor Bitdefender found a new backdoor program that gives hackers virtually unlimited access to Mac systems over the Tor network.
If you haven’t heard of it, the Tor browser is one of the primary ways that users can reach sites on the Dark Web. The newly discovered malware, called “Backdoor.MAC.Eleanor”, appears on the surface to be a handy file conversion application, offered through a variety of reputable websites that sell Mac software.
On installation, the application executes a script that installs a series of components in a folder called “/Users/$USER/Library/.dropbox”. Given the popularity of Dropbox, using it as part of the folder name is a simple but effective camouflage that makes it easy for the malware to remain hidden.
The malware has three components: a web service with a PHP application, an agent that posts access URLs to infected machines so that any hacker who knows the posting location can access the infected machine, and a hidden service that allows hackers to remotely connect to infected systems anonymously over the Tor network.
Once connected, hackers are able to view, edit, rename, upload, download, and delete files on the system. They can even activate system accessories like an onboard camera and take pictures or video at will. The long and the short of it is that this is an especially dangerous piece of malware, and if you use Macs in your office, then your IT staff definitely needs to be on guard against it.
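For IT staff who want to check their Macs for the install folder described above, here is an added example (not part of the original article or of Bitdefender's report) that sweeps every home directory for a hidden `Library/.dropbox` folder. The function name and the default `/Users` root are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: look in every home directory under a users root for the
# hidden "Library/.dropbox" folder that the article names as the place where
# the malware installs its components.
# Assumptions: homes live directly under the root (default /Users), and the
# function name below is illustrative only.

# Prints one line per hit: "<path><TAB><number of entries inside>".
# Returns 0 if at least one hit was found, 1 if none were.
find_hidden_dropbox_dirs() {
    users_root="${1:-/Users}"
    found=1
    for home in "$users_root"/*; do
        [ -d "$home" ] || continue            # skip plain files and an unmatched glob
        candidate="$home/Library/.dropbox"
        # -L also catches a dangling symlink placed at that path
        if [ -e "$candidate" ] || [ -L "$candidate" ]; then
            # Count entries, including dot-files; 0 if it cannot be listed
            entries=$(ls -A "$candidate" 2>/dev/null | wc -l | tr -d ' ')
            printf '%s\t%s\n' "$candidate" "$entries"
            found=0
        fi
    done
    return "$found"
}

# Run the sweep only when a users root is passed, e.g.:  sh sweep.sh /Users
if [ "$#" -gt 0 ]; then
    find_hidden_dropbox_dirs "$1" || echo "no hidden Library/.dropbox folder found"
fi
```

A hit is a lead to investigate further, not proof of infection, and reading other users' `Library` folders normally requires administrator rights.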