GS Logo
The Green Sheet, Inc

Please Log in

A Thing
View Archives

View flipbook of this issue

Care to Share?

Table of Contents

Lead Story

ATM industry's high-tech second act

Dale S. Laszig


Industry Update

Terrapinn expo probes omnichannel themes

Verifone Curb advances NYC taxi booking

CFPB on hot seat, again

Cayan hosts third annual Hackathon


Taking your business to the next level - Part 3

NFC Mobile Services

Mobile moving target

How safe is the cloud?

Breaking free of autopilot mode


Building a case for RDC check services

Patti Murphy
ProScribes Inc

Heads up, cheaters: Truth will out

Brandes Elitch
CrossCheck Inc.

Payment technology companies offer more than EMV upgrades

Adam Hark


Street SmartsSM:
Creating complex solutions for complex problems

John Tucker
1st Capital Loans LLC

The hybrid approach to sales

Jeff Fortney
Clearent LLC

Be wary of hackers seeking BII

Kevin Mendizabal
Frates Insurance and Risk Management

Company Profile

Zooz Inc.

New Products

Mobile marketing platform to drive sales

Movylo Inc.

Enhanced checkout for e-commerce

Powered Buy Platform
BlueSnap Inc.


Back to basics, again, again


Letter from the Editors

Readers Speak

Resource Guide


A Bigger Thing

The Green Sheet Online Edition

April 11, 2016  •  Issue 16:04:01

previous next

Mobile moving target

As mobile device use accelerates worldwide, so do malware attacks. According to the latest Kaspersky Lab Mobile Virusology report, the volume of malware targeting mobile users more than tripled last year. The firm detected 884,774 new malicious programs launched globally in 2015, up from 295,539 in 2014.

Advancements in mobile have made it an attractive target. "As mobile devices become more and more functional, cybercriminals have become more and more sophisticated at attacks that attempt to steal money from users," said Roman Unuchek, Senior Malware Analyst at Kaspersky Lab USA.

Ransomware, which has long been the scourge of business network users, now attacks mobile users. Incidents involving ransomware grew from 1.1 percent to 3.8 percent of mobile product attacks tracked year-over-year by Kaspersky. Last year, Russia, Germany, Kazakhstan and the United States led the pack of 156 countries impacted.

Once a device is infected, the ransomware app blocks the device with a pop-up window carrying a message that the user has committed illegal actions, Kaspersky noted. To unlock the device, the user typically pays a ransom of anywhere from $12 to $100.

According to the Blue Coat Systems Inc. 2015 Mobile Malware Report: Familiar Threats Get More Sophisticated, ransomware has become the top malware threat targeting mobile devices, and multiple security firms allege that hackers associated with the Chinese government may be responsible for the rise in attacks.

"The decision to pay a ransom comes down to the confidence and financial cost of recreating or restoring data from a previous backup," said Travis Smith, Senior Security Research Engineer at Tripwire Inc. "Since most ransomware samples we have seen have a time limit to pay, it’s important to have confidence that you can restore the majority of data on short notice. Organizations should focus on improving backup and restoration procedures to reduce the cost of restoring data and services after a potential breach."

Malware channels

Another alarming trend is the rising number of mobile malware programs that use advertising to infiltrate mobile devices. According to Unuchek, this type of malware allows cybercriminals to "gain super-user access" on users' devices to install components that are often difficult to remove.

Malicious apps have also appeared in the Apple App Store and Google Play Store. Kaspersky estimated that the number of downloads linked to the Google Play Store were between 100,000 to 500,000 per Trojan.

Kaspersky noted that criminals attacking Apple posted a malicious version of the Xcode iOS app developer toolset to exploit third-party vendors, who then shared it through local servers. Apple apparently responded by removing an estimated 39 infected Xcode apps downloaded to the App Store.

Following is a list of mobile malware trends identified by Kaspersky in 2015:

Banker beware

While the number of new mobile banking Trojans decreased in 2015, 7,030 versus 16,586 in 2014, intrusions have become more pernicious. According to Kaspersky, malware today overlays the bank's legitimate pages or online payment apps with fake ones to impact clients at dozens of banks through a single attack. Past apps were capable of infecting one or two banks at a time.

Stealing user logins and passwords by displaying a phishing window instead of the genuine app interface is nothing new. "We first came across it back in 2013 in Trojan-SMS.AndroidOS.Svpeng," Unuchek noted. "In our IT threat evolution in Q1 2015 report we mentioned, which was capable of attacking at least 29 banking and financial apps."

Using the latest iteration of the Trojan identified in the first quarter 2015 report, hackers can infect up to 114 banking and financial apps, according to Unuchek. He added that the Trojan's main goal is to steal the login credentials for bank accounts, but it also overlays the windows of several popular mail applications.

"To stay safe do not neglect reliable mobile anti-virus solutions," Unuchek said. "Bear in mind that prevention of the threat is better than suffering losses after the infection."

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

previous next

Spotlight Innovators:

North American Bancard | USAePay | Impact Paysystems | Electronic Merchant Systems | Board Studios