The 2019 Mobile Threat Landscape Report: A Comprehensive Review of 2019 Mobile Malware Trends report has launched by CrowdStrike, shows that nation-states are targeting individual mobile users for intelligence gathering and disruption of national rivals.
“A new report from CrowdStrike on mobile threats detail an uptick in sophistication and interest from nation states, in addition to eCrime groups who seek to exploit mobile devices for financial gain. According to CrowdStrike’s assessment, nation-states typically target end-users who demonstrate political or intelligence value, while the criminal actors attempt to monetize mobile devices through ransomware, banking trojans, credential theft and cryptomining” Adam Myers, VP, Intelligence at CrowdStrike.
In Australia in late March 2019, a new malware family called Gustuff began being distributed to targets in Australia via an SMS spam campaign. Gustuff gets victims to enter their credentials by triggering push notifications sent by the fake banking app, and using a mechanism called automatic transfer system (ATS) to pass captured credentials on to the legitimate applications afterwards.
Other key trends from the report include:
- Mobile ransomware presents just as large of an issue as traditional ransomware
- Mobile malware can be used to support operations seeking to disrupt business operations as part of a wider attack against a company or sector
- Phishing and Banking Trojans remain two very prevalent criminal techniques
- Applications can pose many risks, especially for Android users
- Click fraud poses multiple threats as it can be repurposed to perform other functions
- Insider threats present a large, critical issue in the mobile space
You can download the full report here: https://www.mysecuritymarketplace.com/product/2019-mobile-threat-landscape-report/