While desktop systems used to be the preferred focus of cybercriminals, the prevalence of mobile devices have shifted their strategy. Prompting experts to warn consumers to prepare for an increase in banking malware, ransomware and other attacks aimed at smartphones we witnessed in 2017 to continue this year.
A vast majority of threats last year affected Android devices and those downloading apps from third-party stores, but now people purchasing their apps from Google’s Play mobile store are finding themselves affected as well.
A report by Trend Micro released earlier this year estimated about 30,000 malicious applications were published on Google Play’s app store last year, These threats were more sophisticated than previous malicious apps, hiding encrypted traffic behind legitimate application functionality.
In the third quarter of 2017, 16 million mobile devices were infested with malware. Almost twice as many as affected in the third quarter of 2016.
Understandably, cybersecurity predictions for 2018 are looking grim. With almost five billion mobile users worldwide, smartphone attacks are proving to be a lucrative target for malware authors. As the number of smartphones increases and expands to include other IoT devices like virtual assistants, the number of possible devices that can be attacked in our home grows every day.
But desktop users shouldn’t take this as a sign that cybercriminals are ignoring tradition.
Since the cryptocurrency explosion last year, there’s been a huge boost in cyberattacks focused on crypto-mining. The malware in question takes advantage of CPU cycles, and leverages victim’s devices to perform the complex, CPU-intensive calculations, better known as ‘mining’ to create cryptocurrencies.
This type of malware was recently found running on more than 4,000 websites, including frequently accessed government sites, like ico.org.uk, the United Kingdom’s Information Commissioner’s Office and the website for the US court system, uscourts.gov. Even tech savvy companies like Tesla have fallen victim to crypto-mining malware.
Ransomware too, was on the rise, increasing by more than 90 percent over the course of last year. With all the hype surrounding last year’s WannaCry and NOTPETYA attacks, ransomware has proven to be quite profitable for hackers and malware authors, and this form of attack doesn’t show any sign of letting up in the future.
Keeping your malware and anti-virus software up to date is your first line of defence, however hackers have found a way to circumvent another tool which stops malicious software from executing. Trusted certificates.
According to a report released by internet tech company Recorded Future, criminal gangs have found a way to circumvent the security and get their malware onto the machines of unsuspecting users. By stealing legitimate certificates from authorities like Symantec and Comodo, malware developers can bypass that layer of protection.
Whether we like it or not, 2018 is shaping up to be a big year for cybercriminals and the dark web. But there’s no business for cybercriminals if there aren’t enough victims. If you haven’t made a concerted effort to improve the cybersecurity on your computer and smart phone, there’s no better time than the present.
For contribution enquiries, please email us.