Mobile Malware Attacks Skyrocket During Pandemic

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being.

The COVID-19 vaccine rollout has created plenty of opportunities for hackers.

Mobile malware soared to record-high numbers last year amid the COVID-19 pandemic and resulting lockdown, according to McAfee’s Advanced Threat Research (ATR) team.

McAfee’s 2021 Mobile Threat Report found hackers are using fake apps, trojans and fraudulent messages to target consumers. At the end of 2020, total mobile malware detected by McAfee reached 43 million. And over 3 million of these detections were new.

Over the past year, the vaccine rollout has advanced at different rates across the globe. That has provided plenty of opportunities for hackers. They’re hiding malware and malicious links inside fake vaccination appointments and registration display ads. These have the potential to download malware onto a person’s device that displays unwanted ads. They can also activate accessibility features to give the hacker full device control. The hackers’ goal is stealing banking details and credentials.

According to the McAfee research, some of these campaigns started as early as last November before any vaccines had officially been approved. Others continue to appear as countries roll out their vaccination programs.

Hackers Succeeding

Raj Samani is McAfee fellow and chief scientist.

McAfee's Raj Samani

McAfee’s Raj Samani

“Hackers are often extremely successful,” he said. “Over the last year especially, they were able to prey upon fear, which often leaves people vulnerable to making hasty, uninformed decisions, to prompt consumers into accidentally clicking on malicious links or downloading malware. This is particularly true regarding the influx of COVID-related attacks.”

Another key finding is billing fraud malware that makes purchases behind the backs of consumers. Moreover, hackers are using banking trojans to target hundreds of financial institutions globally.

Most banking trojans are distributed via phishing and text messages to avoid Google’s screening process. One banking trojan repeatedly got onto the Google Play store. As a result, it tricked thousands of users into downloads.

“While COVID-19 related attacks should taper off with the new normal, many consumers still intend to…