Mobile platforms have become increasingly attractive to cybercriminals as consumers live more of their digital lives on smartphones and tablets, according to security vendor, McAfee.
In its latest report, Mobile Security: McAfee Consumer Trends , it stated that hackers are using a new wave of techniques to steal digital identities, commit financial fraud, and invade users’ privacy on mobile devices.
They include malicious apps, malicious software toolkits sold on the black market and drive-by downloads. The increasing prevalence of Near Field Communication (NFC) technology is also expected to encourage hackers to use this as an avenue for spreading malware.
Using its global threat intelligence network (GTI), McAfee Labs analysed mobile security data from the last three quarters for the report.
“The number of Australians using smartphones and tablets is set to significantly increase in the coming years; and as the number of users increases so does the appeal for hackers to target their mobile devices,” McAfee Asia-Pacific chief technology officer, Michael Sentonas, said.
The report showed cybercriminals are going to great lengths to insert infected apps into trusted sources such as Google Play, and claimed the risks within each app are becoming more intricate.
It revealed 75 per cent of the malware-infected apps downloaded by McAfee Mobile Security users were housed in the Google Play store and the average consumer has a one in six chance of downloading a risky app. Nearly 25 per cent of the risky apps that contained malware also contained suspicious URLs.
As for black market activity, criminals are increasingly using these to commit premium SMS and click fraud, spam distribution, data theft, or bank fraud, according to McAfee. It also said the complexity of these criminal activities is growing and commercial criminals are reusing and recombining these components to devise new, profitable schemes.
McAfee expects drive-by downloads to increase in 2013. On a mobile device, a drive-by download fools a user into downloading an app without knowing it. Once a user opens the app, criminals have access to the device.
It also anticipates criminals will abuse NFC technology used in mobile payment programs, or “digital wallets”. When a newly infected device is used to “tap and pay” for a purchase, the scammer collects the details of the wallet account and secretly reuses these credentials to steal from the wallet.
“Cybercriminals are exhibiting greater levels of determination and sophistication leading to more destructive, multi-faceted hacks that are harder to spot, and thus warrant a greater degree of security and vigilance,” McAfee mobile product development vice-president, Luis Blando, said.