Omnipresent in our daily lives, our smartphones are prime targets for hackers. Especially since they are far from being invulnerable: a report by the firm ThreatFabric warns of the malware the most fashionable.
In its annual study of the landscape of threats to mobile devices, the German cybersecurity firm ThreatFabric draws up an inventory of security on smartphones. And as much to say that we have never been so exposed to malware.
On-device fraud increasingly common
ThreatFabric reports that Poland, Australia, the United States, Germany, the United Kingdom, Italy, Portugal and France are the countries most targeted by hackers.
What seems to interest the latter is above all to be able to impersonate their users in order to carry out malicious actions without being detected. ” In the first 5 months of 2022 alone, there was a 40% increase in malware aimed at abusing [d’une vulnérabilité] of Android to defraud using the smartphone [de la victime]making their detection almost impossible from fraud detection tools writes the firm in its report.
To accomplish their misdeeds, hackers most often choose to steal small, seemingly innocuous productivity applications. Among the apps cited by ThreatFabric, we particularly note:
- Nano Cleaner (com.casualplay.leadbro)
- QuickScan (com.zynksoftware.docuscanapp)
- Chrome (com.talkleadihr)
- Play Store (com.girltold85)
- Pocket Screencaster (com.cutthousandjs)
- Chromium (com.biyitunixiko.populolo)
- Chrome (Mobile com.xifoforezuma.kebo)
- BAWAG PSK Security (com.qjlpfydjb.bpycogkzm)
Android’s Achilles heel
Even more dangerous, some of the malware cited, trojans, in this case, mimic the operation of banking applications, intended to steal the identifiers of their victims. ” This is done in order to steal credentials, even if the victim suspects something is wrong, and closes the window before even clicking the fake “submit” button. “, explain the researchers.
In detail, these malicious tools use the accessibility features of Android, which notably allow password managers to offer a quick connection to their online accounts thanks to an overlay, directly placed on the connection fields. This module is described by the site The Hacker News as being the real Achilles’ heel of Android, which logically arouses a lot of interest among hackers.
Fortunately, Android 13 should partly fix the problem by restricting app access to the operating system’s accessibility API. However, this barrier would be limited to applications that would have been “ sideloaded », i.e. installed from an alternative application store, or directly from an APK file.
In any case, ThreatFabric recalls that the only source of reliable applications on Android remains the Google Play Store. Even if we are never safe from coming across a malicious application that has escaped Google’s control…
On the same subject :
These 200 Android apps spy on you and steal your data, delete them urgently!
Source : The Hacker News
15