Mobile Cybersecurity Sneak-Attacks Expected in 2020

McAfee released a new mobile cybersecurity report today that predicts the coming year to be riddled with sneak-attacks. Based on their previous research, the company had shown that through 2019, hidden mobile apps were responsible for half of the security breaches on those devices. While smart users were able to pick up on the more apparent apps that took advantage of mobile systems such as crypto miners and backdoors, the more malicious of these apps were difficult, if not impossible, to locate and shut down. New research by McAfee noted that these hidden threats have evolved to become even harder to find and remove, suggesting that the coming year will see more of them threaten user data on mobile devices.

Certain Threats Stand Out

The McAfee Mobile Threat Report 2020 notices these things, including:

  • Hackers are using links within gaming apps to spoof users into clicking on them. The level to which the link is disguised varies. Even experienced users may click inadvertently and end up with hidden malware installed on their mobile devices.
  • LiefAccess (also called Shopper), which co-opts the accessibility tools within a mobile device to create new accounts and download data without the user being aware of what’s going on. By hitting the user with fake warnings, the app can get the user to allow it to use the accessibility tools on the handset. This access gives Shopper the ability to post on social media accounts with the user’s linked data.
  • Legitimate Apps are being co-opted by malicious third parties, replacing the libraries that the official versions depend on with a custom one. The example McAfee gives is a legitimate South Korean transit app. The replaced libraries allowed the malware to access sensitive data stored on the phone and upload it to an external location.

A New Wave of Malicious Applications

These newest threats, while not the norm just yet, set a dangerous precedent for what we can come to expect in the coming year. If McAfee is right, then even experienced users will have to increase their vigilance against malicious apps taking advantage of their mobile devices.

CloudWedge