Mobile advertising fueling cybercrime

INTERNET | CYBERCRIME

The year 2017 has proved to be a lucrative year for cybercrime. Prominent malware and attack methods continue to evolve, creatively bypassing existing security solutions, a report by Check Point Software Technologies has said.

"In 2016, we witnessed sophisticated new malware emerging on a regular basis, exposing new capabilities, distribution methods, and attack services offered for sale through multiple platforms. 2017 is shedding light on a new trend. Simple, yet highly effective malware families are causing rapid destruction globally," the report titled: Cyber Attack Trends: Mid-Year Report, says.

The report points out the trends below:

1. Nation-state cyber weapons are now in the hands of criminals
Data leakage incidents have significantly evolved in sophistication, frequency and volume. As seen in several incidents throughout the first half of 2017, the theft and consequent availability of key nation-state hacking tools, combined with wide scale zero-day vulnerabilities, now enable unskilled hackers to carry out highly sophisticated attack campaigns.

2. The line between adware and malware is fading, and mobile adware botnets are on the rise
Adware, which automatically displays or downloads advertising material on an infected machine, was until recently not among our greatest concerns. While sometimes annoying, its sole purpose is to generate revenue and not to cause actual damage. In parallel, mobile adware botnets continue to expand and dominate the mobile malware arena. In the first half of 2017, we witnessed a persistent rise in the spread and technical capabilities of mobile adware botnets.

3. Macro-based downloaders continue to evolve
As malware continues to evolve, the same is true for its delivery methods. During the past six months, we have seen some new methods for exploiting Microsoft Office files, which no longer require victims to open the door for the attackers by enabling macros.

4. A new wave of mobile bankers on GooglePlay
On top of the large adware campaigns we have grown accustomed to finding on Google Play, a new wave of mobile bankers, most of which belong to the BankBot family, managed to enter the play store undetected and infect users.

This is an alarming development as the bankers malware harm users directly, and are supposed to be easier to detect. However, the perpetrators combined open-sourced banking malware code with complex obfuscation techniques to successfully and repeatedly bypass Google's protections.

"Even with massive outbreaks such as WannaCry and NotPetya making global news, most organisations continue to rely on a strategy of detection and response after an attack has occurred, rather than prevention," the report says.