Story image

Blue Coat sounds alarm on escalating mobile malware

04 Nov 2015

Blue Coat Systems has sounded the alarm for individual and organisations to strengthen defences around mobile devices after seeing an escalation in insidious and malicious mobile attacks.

The security vendor’s annual State of Mobile Malware report shows cyber blackmail – or mobile ransomware attacks – led the way as the top malware type in 2015, along with the stealthy insertion of spyware on devices that allows attackers to profile behaviour and online habits.

Hugh Thompson, Blue Coat CTO and senior vice president, says as we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data the devices collect – something Blue Coat says is evident in the types of malware and attacks it is seeing.

And it isn’t just consumers under threat.

“The implications of this nefarious activity certainly carry over to corporate IT as organisations rapidly adopt cloud-based, mobile versions of enterprise applications, opening up another avenue for attackers,” Thompson notes.

“A holistic and strategic approach to managing risk must extend the perimeter to mobile and cloud environments — based on a realistic, accurate look at the problem — and deploy advanced protections that can prioritise and remediate sophisticated, emerging and unknown threats.”

This year’s survey shows ransomware, potentially unwanted software (Pus) and information leakage were the top types of mobile malware this year, with Blue Coat noting the world of mobile ransomware has grown dramatically over the past year.

“While some varieties that run on Android devices cause little damage beyond convincing victims to pay the cyber hostage-taker, many have adopted more sophisticated approaches common to ransomware in the Windows environment,” Blue Coat says.

The threats render music files, photographs, videos and other document types unreadable, while typically demanding an untraceable form of payment such as Bitcoin.

PUS exhibits behaviour typical of adware or spyware, spying on users’ online activity and personal data or serving extra ads, while information leakage malware watches users and reports out on a 24x7x365 basis.

“This information leakage is usually a minor drip, showing the version of their phone’s operating system, the manufacturer, the specific app or browser being used, or similar information,” Blue Coat says.

The report shows pornography returned as the number one threat vector, after dropping to number two last year. Blue Coat says when it sees a mobile user’s traffic heading to a malicious site, 36% of the time that user is following a link from a porn site.

WebAds, including malvertising attacks and sites that host Trojan apps designed to appeal to – you guessed it – porn site visitors, was the second most common threat vector, but accounted for less than 5% - a substantial drop from almost 20% last year.

Apple's AirPods now come with 'Hey Siri' functionality
The new AirPods come with a standard case or a Wireless Charging Case that holds additional charges for more than 24 hours of listening time.
NZ investment funds throw weight against social media giants
A consortium of NZ funds managing assets worth more than $90m are appealing against Facebook, Twitter, and Google following the Christchurch terror attacks.
Poly appoints new A/NZ managing director, Andy Hurt
“We’re excited to be bringing together two established pioneers in audio and video technology to be moving forward and one business – Poly."
Unity and NVIDIA announce real-time ray tracing across industries
For situations that demand maximum photorealism and the highest visual fidelity, ray tracing provides reflections and accurate dynamic computations for global lighting.
NVIDIA announces Jetson Nano: A US$99 tiny, yet mighty AI computer 
“Jetson Nano makes AI more accessible to everyone, and is supported by the same underlying architecture and software that powers the world's supercomputers.”
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
NVIDIA introduces a new breed of high-performance workstations
“Data science is one of the fastest growing fields of computer science and impacts every industry."
Apple says its new iMacs are "pretty freaking powerful"
The company has chosen the tagline “Pretty. Freaking powerful” as the tagline – and it’s not too hard to see why.