Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/28/2015
05:00 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Ransomware Ranked Number One Mobile Malware Threat

Blue Coat report shows cyber blackmail has ported to mobile devices.

The ping pong debate over whether mobile devices have developed into a truly mainstream cyberattack vector gained a little fodder today with a new report out from Blue Coat that claims an uptick in the number of mobile ransomware attacks in 2015.

"As we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data these devices collect, as evidenced by the types of malware and attacks we're seeing," said Dr. Hugh Thompson, CTO and senior vice president for Blue Coat.

The firm reported that mobile ransomware leads the attack types on the mobile front, followed by potentially unwanted software (PUS), and information leakage.

“With the increased performance capabilities of modern smartphones, it was only a matter of time before more advanced cryptographic ransomware, such as SimpleLocker, started showing up on mobile devices,” the report said, explaining that the techniques mirror the behaviors of ransomware proliferating in PC environments.

This report comes close on the heels of a report earlier this month by IDG and Lookout that claims 74 percent of businesses report having experienced a breach as a result of a mobile issue—be it vulnerable apps, malware hidden in apps, insecure WiFi, or apps prone to information leakage.  

According to BlueCoat, the top infection vector this year has by far been pornography, accounting for 36 percent of malicious traffic coming from devices examined by the firm. On the bright side, malvertising attacks against mobile targets appear to be on the decline, dropping by 20 percent in the past year.

Despite growing concern about the potential for disaster should cyber attackers choose to target the mobile ecosystem—particularly as mobile payment goes mainstream—many experts say it's still a tempest in a teapot. Researchers at Damballa earlier this year calculated that based on a study of half of all US mobile traffic, users were 1.3 times more likely to get struck by lightning than be infected by mobile malware. And the experts behind Verizon’s Data Breach Investigation Report at Verizon Enterprise Solutions flat out refute that 74 percent occurrence rate for mobile-related breaches.

Blue Coat does acknowledge Verizon’s thoughts on the matter explaining in the report that “the sky is not falling—but putting on a helmet is a good idea.”

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
TedS486
50%
50%
TedS486,
User Rank: Apprentice
11/2/2015 | 3:30:39 AM
Re: Mobile OS
74% wow thats pretty huge. The amount of advances in Mobile Malware lately is astounding. Really should be a Red Flag to anyone with a mobile to get some security for your phone. In other words het yourself a helmet folks! :)


-Ted

https://www.youtube.com/channel/UCijmVN7B2_TF5NqwpE9AwLA

VinceF093
50%
50%
VinceF093,
User Rank: Apprentice
10/30/2015 | 12:40:34 PM
Following the Money
Thank you for pointing me to the Mobile Malware Report.  As more people move to their phones for making payments, the number of attacks on mobile will only increase.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
10/29/2015 | 2:20:52 PM
Mobile OS
Statistically for mobile malware specific to ransomware for this article, what OS was hit harder (iOS or Android)?
44% of Security Threats Start in the Cloud
Kelly Sheridan, Staff Editor, Dark Reading,  2/19/2020
Zero-Factor Authentication: Owning Our Data
Nick Selby, Chief Security Officer at Paxos Trust Company,  2/19/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
How Enterprises Are Developing and Maintaining Secure Applications
How Enterprises Are Developing and Maintaining Secure Applications
The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-9385
PUBLISHED: 2020-02-25
A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation.
CVE-2020-9382
PUBLISHED: 2020-02-24
An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki's } parser function.
CVE-2020-1938
PUBLISHED: 2020-02-24
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that ...
CVE-2020-9381
PUBLISHED: 2020-02-24
controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI. This can be exploited in conjunction with CVE-2019-15954.
CVE-2019-17569
PUBLISHED: 2020-02-24
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind...