This year has already been a big one for innovation, but as we hurtle toward bendable phones, virtual reality, and live 360-degree video, we must also recognize the disruption caused by modern malware.
No matter the device, no matter the carrier, accessing certain websites or even just a wireless network can leave you vulnerable to intrusive software, or worse.
10 Million and Counting
The recent announcement that 10 million Android devices had been infected with the Chinese malware HummingBad has come as a reality check to many. Created by Yingmob, an advertising analytics agency in Beijing, HummingBad isn't the only threat from this company to recently plague mobile devices. The company has also been linked to iOS malware called Yispecter. Technology blog Check Point recently published this list of similarities between the two programs.
- Yispecter uses Yingmob’s enterprise certificates to install itself on devices
- HummingBad and Yispecter share C&C server addresses
- HummingBad repositories contain QVOD documentation, an iOS porn player targeted by Yispecter
- Both install fraudulent apps to gain revenue
According to Check Point, Yingmob generates $300,000 per month in fraudulent ad revenue through accessing the Android devices. ZDNet reports that HummingBad, which was discovered in February, infects Android devices through hidden downloads and malicious payloads delivered by websites distributing adult content. Once HummingBad lands on a device it uses a rootkit to grant attackers full access. As a backup, HummingBad uses a fake system update notification to gain access from users tricked into entering secure password data. For a technical rundown of how HummingBad works, check out Check Point's dissection here.
"This steady stream of cash, coupled with a focused organizational structure, proves cyber criminals can easily become financially self-sufficient," the Check Point Research Team writes. "Emboldened by this independence, Yingmob and groups like it can focus on honing their skill sets to take malware campaigns in entirely new directions, a trend Check Point researchers believe will escalate."
An Apple a Day?
Long thought to be immune to malware, Apple's iOS devices are now falling prey to malware, too. A new Trojan program, AceDeceiver, targets even non-jailbroken iPhones and iPads by a surreptitious download that forgoes enterprise certificates.
"AceDeceiver is the first iOS malware we've seen that abuses certain design flaws in Apple's DRM protection mechanism -- namely FairPlay -- to install malicious apps on iOS devices regardless of whether they are jailbroken," said Palo Alto Networks researcher Claud Xiao.
According to 9 to 5 Mac, AceDeceiver operates on the FairPlay Man-in-the-Middle mechanism and has so far been seen only in China, but a change to the code could allow it to spread easily.
"Apple allows users to purchase and download iOS apps from their App Store through the iTunes client running in their computer. They then can use the computers to install the apps onto their iOS devices. iOS devices will request an authorization code for each app installed to prove the app was actually purchased," Xiao said. "In the FairPlay MITM attack, attackers purchase an app from App Store then intercept and save the authorization code. They then developed PC software that simulates the iTunes client behaviors, and tricks iOS devices to believe the app was purchased by victim. Therefore, the user can install apps they never actually paid for, and the creator of the software can install potentially malicious apps without the user’s knowledge."
There are few recesses of modern technology safe from hackers, and we can only expect to see more in the future, originating from some very serious operations. So what can be done for the sake of safety? There are several ways you can protect your device against hacking, common sense being the most important.
- Don’t leave your phone unattended in public
- Change your passwords regularly
- Avoid using unprotected Bluetooth networks
- Turn off Bluetooth when not using it
- Don’t store passwords on your device
- Don't install apps you don't need or don't understand
For those who want to be extra safe, short of downgrading to a 90s-era flip phone or leaving the grid completely, there are still options.
- Avoid accessing bank or sensitive account data via public Wi-Fi
- Turn off auto-complete so personal data isn’t stored on device
- Regularly delete your browsing history, cookies and cache
- Register your phone with a locating app, so you can find it if it's ever stolen
Once you emerge from your hyperbaric chamber, power off your phone, remove the battery, and live your life free of worry. Or keep your phone on, and live on the wild side. It's up to you!