Endpoint
10/28/2015
05:00 PM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

Ransomware Ranked Number One Mobile Malware Threat

Blue Coat report shows cyber blackmail has ported to mobile devices.

The ping pong debate over whether mobile devices have developed into a truly mainstream cyberattack vector gained a little fodder today with a new report out from Blue Coat that claims an uptick in the number of mobile ransomware attacks in 2015.

"As we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data these devices collect, as evidenced by the types of malware and attacks we're seeing," said Dr. Hugh Thompson, CTO and senior vice president for Blue Coat.

The firm reported that mobile ransomware leads the attack types on the mobile front, followed by potentially unwanted software (PUS), and information leakage.

“With the increased performance capabilities of modern smartphones, it was only a matter of time before more advanced cryptographic ransomware, such as SimpleLocker, started showing up on mobile devices,” the report said, explaining that the techniques mirror the behaviors of ransomware proliferating in PC environments.

This report comes close on the heels of a report earlier this month by IDG and Lookout that claims 74 percent of businesses report having experienced a breach as a result of a mobile issue—be it vulnerable apps, malware hidden in apps, insecure WiFi, or apps prone to information leakage.  

According to BlueCoat, the top infection vector this year has by far been pornography, accounting for 36 percent of malicious traffic coming from devices examined by the firm. On the bright side, malvertising attacks against mobile targets appear to be on the decline, dropping by 20 percent in the past year.

Despite growing concern about the potential for disaster should cyber attackers choose to target the mobile ecosystem—particularly as mobile payment goes mainstream—many experts say it's still a tempest in a teapot. Researchers at Damballa earlier this year calculated that based on a study of half of all US mobile traffic, users were 1.3 times more likely to get struck by lightning than be infected by mobile malware. And the experts behind Verizon’s Data Breach Investigation Report at Verizon Enterprise Solutions flat out refute that 74 percent occurrence rate for mobile-related breaches.

Blue Coat does acknowledge Verizon’s thoughts on the matter explaining in the report that “the sky is not falling—but putting on a helmet is a good idea.”

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
TedS486
50%
50%
TedS486,
User Rank: Apprentice
11/2/2015 | 3:30:39 AM
Re: Mobile OS
74% wow thats pretty huge. The amount of advances in Mobile Malware lately is astounding. Really should be a Red Flag to anyone with a mobile to get some security for your phone. In other words het yourself a helmet folks! :)


-Ted

https://www.youtube.com/channel/UCijmVN7B2_TF5NqwpE9AwLA

VinceF093
50%
50%
VinceF093,
User Rank: Apprentice
10/30/2015 | 12:40:34 PM
Following the Money
Thank you for pointing me to the Mobile Malware Report.  As more people move to their phones for making payments, the number of attacks on mobile will only increase.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
10/29/2015 | 2:20:52 PM
Mobile OS
Statistically for mobile malware specific to ransomware for this article, what OS was hit harder (iOS or Android)?
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Five Emerging Security Threats - And What You Can Learn From Them
At Black Hat USA, researchers unveiled some nasty vulnerabilities. Is your organization ready?
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
Join Dark Reading community editor Marilyn Cohodas and her guest, David Shearer, (ISC)2 Chief Executive Officer, as they discuss issues that keep IT security professionals up at night, including results from the recent 2016 Black Hat Attendee Survey.