Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/28/2015
05:00 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Ransomware Ranked Number One Mobile Malware Threat

Blue Coat report shows cyber blackmail has ported to mobile devices.

The ping pong debate over whether mobile devices have developed into a truly mainstream cyberattack vector gained a little fodder today with a new report out from Blue Coat that claims an uptick in the number of mobile ransomware attacks in 2015.

"As we sleep, exercise, work and shop with our mobile devices, cyber criminals are waiting to take advantage of the data these devices collect, as evidenced by the types of malware and attacks we're seeing," said Dr. Hugh Thompson, CTO and senior vice president for Blue Coat.

The firm reported that mobile ransomware leads the attack types on the mobile front, followed by potentially unwanted software (PUS), and information leakage.

“With the increased performance capabilities of modern smartphones, it was only a matter of time before more advanced cryptographic ransomware, such as SimpleLocker, started showing up on mobile devices,” the report said, explaining that the techniques mirror the behaviors of ransomware proliferating in PC environments.

This report comes close on the heels of a report earlier this month by IDG and Lookout that claims 74 percent of businesses report having experienced a breach as a result of a mobile issue—be it vulnerable apps, malware hidden in apps, insecure WiFi, or apps prone to information leakage.  

According to BlueCoat, the top infection vector this year has by far been pornography, accounting for 36 percent of malicious traffic coming from devices examined by the firm. On the bright side, malvertising attacks against mobile targets appear to be on the decline, dropping by 20 percent in the past year.

Despite growing concern about the potential for disaster should cyber attackers choose to target the mobile ecosystem—particularly as mobile payment goes mainstream—many experts say it's still a tempest in a teapot. Researchers at Damballa earlier this year calculated that based on a study of half of all US mobile traffic, users were 1.3 times more likely to get struck by lightning than be infected by mobile malware. And the experts behind Verizon’s Data Breach Investigation Report at Verizon Enterprise Solutions flat out refute that 74 percent occurrence rate for mobile-related breaches.

Blue Coat does acknowledge Verizon’s thoughts on the matter explaining in the report that “the sky is not falling—but putting on a helmet is a good idea.”

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
TedS486
50%
50%
TedS486,
User Rank: Apprentice
11/2/2015 | 3:30:39 AM
Re: Mobile OS
74% wow thats pretty huge. The amount of advances in Mobile Malware lately is astounding. Really should be a Red Flag to anyone with a mobile to get some security for your phone. In other words het yourself a helmet folks! :)


-Ted

https://www.youtube.com/channel/UCijmVN7B2_TF5NqwpE9AwLA

VinceF093
50%
50%
VinceF093,
User Rank: Apprentice
10/30/2015 | 12:40:34 PM
Following the Money
Thank you for pointing me to the Mobile Malware Report.  As more people move to their phones for making payments, the number of attacks on mobile will only increase.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
10/29/2015 | 2:20:52 PM
Mobile OS
Statistically for mobile malware specific to ransomware for this article, what OS was hit harder (iOS or Android)?
Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-2322
PUBLISHED: 2021-06-23
Vulnerability in OpenGrok (component: Web App). Versions that are affected are 1.6.7 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise OpenGrok. Successful attacks of this vulnerability can result in takeover of OpenGrok. CVSS 3.1 ...
CVE-2021-20019
PUBLISHED: 2021-06-23
A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a crafted HTTP request, this can potentially lead to an internal sensitive data disclosure vulnerability.
CVE-2021-21809
PUBLISHED: 2021-06-23
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
CVE-2021-34067
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.
CVE-2021-34068
PUBLISHED: 2021-06-23
Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a crafted file.